-------------------------------------------------
SYSTEM WEIRDNESS MONDAY JULY 28 & TUESDAY JULY 29
-------------------------------------------------
My apologies for the lack of communication about the weird behavior of the
system over the past two days, but we've had our hands full and didn't
have time to post a System News message.

Monday morning we became aware that a hacker was active on the UNIX host,
and had somehow gained root (system administrator) access.  At first his
activities seemed relatively benign, but when he became aware that we were
watching him he became destructive.  All attempts to get him out and keep
him out failed, so at about 4:05 Monday afternoon we removed the UNIX host
from the network to prevent further damage.  We spent the next few hours
repairing the damage and (we thought) plugging the hole through which the
hacker gained access, and put the UNIX host back on the network at about
7:40 Monday evening.

While the UNIX host was isolated from the network, no services running on
it were available.  This included username and password verification for
dialup connections, so it was impossible to make a dialup connection
during that period. We apologize for the sudden unannounced interruption
in service, but we had no alternative. 

I spent the rest of the night and well into the morning repairing minor
damage and watching for a return visit from the hacker.  At about 3:30 AM
I gave it up and went to bed.  He apparently came back in at about 4:00
AM, but did no obvious damage.  On Tuesday we took additional steps to
keep him out, but whether or not they will be successful remains to be
seen.

I still have some minor damage to repair, so if you are a UNIX shell user
you may notice that some things don't work quite right.  Access for PPP
users should be normal. 
 
Watch System News for further developments.
 
-------------------------------------------------------------------
If you have questions about this, or about anything else related to
your BCPL Internet Account, please contact the BCPL Help Desk.

 Phone:   410-887-3297
 FAX:     410-887-2091
 E-Mail:  help@mail.bcpl.lib.md.us

 Help Pages:            http://www.bcpl.lib.md.us/help.html
                        (or enter "help" at the UNIX shell prompt)

 System News Archives:  http://www.bcpl.lib.md.us/sysnews.html
                        (or enter "sysnews" at the UNIX shell prompt)