Feds pull suspicious .gov site

blitz blitz at macronet.net
Thu Feb 6 08:28:22 UTC 2003



>Forwarded from: William Knowles <wk at c4i.org>
>
>http://news.com.com/2100-1023-983384.html
>
>By Declan McCullagh
>Staff Writer, CNET News.com
>February 5, 2003
>
>WASHINGTON--In a move that raises questions about the security of
>governmental domains, the Bush administration has pulled the plug on a
>.gov Web site pending an investigation into the authenticity of the
>organization that controlled it.
>
>Until recently, visitors to the AONN.gov Web site were treated to a
>smorgasbord of information about an agency calling itself the Access
>One Network Northwest (AONN), a self-described cyberwarfare unit
>claiming to employ more than 2,000 people and to have the support of the
>U.S. Department of Defense.
>
>No federal agency called AONN appears to exist, and no agency with
>that name is on the official list of organizations maintained by the
>U.S. National Institute of Standards and Technology.
>
>The General Services Administration (GSA), which runs the .gov
>registry, pulled the domain on Jan. 24, after a query from CNET
>News.com.
>
>"There are questions about the authenticity of the Web site that
>includes the AONN name," the agency said in an e-mail reply. "Until
>the situation is resolved, we have eliminated the URL from the .gov
>directory name server."
>
>The action could point to the first case of a .gov domain name
>hijacking.
>
>The GSA investigation raises questions about the integrity of federal
>Web sites at a time when the Bush administration is touting electronic
>government initiatives. President Bush signed the E-Government Act of
>2002 in December, and the IRS in January began a program to encourage
>Americans to file their taxes electronically.
>
>Cybersquatting, or registering a domain to which you may not be
>entitled, is hardly uncommon among the multitude of .com and .net
>domains. In 1999, President Bill Clinton signed an anticybersquatting
>law, and an alternate process through which domain names can be
>challenged has resulted in more than 11,000 domain names being
>transferred away from the parties who had registered them.
>
>But there are no known cybersquatting incidents involving a
>governmental domain, according to the GSA. "I'm not aware of any
>incident" in the past when an unapproved individual has gained control
>of a .gov domain name, an agency representative said.
>
>Chris Casey, who in 1995 helped to create Congress' first Web sites
>and now runs a Web design company called Casey.com, says he was
>surprised to hear that AONN had apparently secured a .gov name, and
>said a misappropriated .gov domain could create confusion among Web
>users.
>
>"I'm not aware of it ever happening before," Casey said. ".gov, .edu
>and .mil carry a feeling of trustworthiness...People have learned to
>place more faith in them."
>
>AONN's background
>
>Claiming credit for the deleted .gov site is a man who calls himself
>Robert L. Taylor III, whose name and contact information appeared in
>documents on the AONN.gov site.
>
>Taylor, who appears to reside near Everett, Wash., declined to explain
>how, exactly, he secured a .gov domain for the group, calling AONN's
>operations "classified."
>
>"We have exploited a security hole in the bureaucracy," Taylor said in
>a telephone interview. "There are loopholes, there are security holes,
>there are holes in the system."
>
>On its now-deleted site, AONN contended its "U.S. Defense Security
>Intelligence Network" (DSIN) was launched at Harvard University's John
>F. Kennedy School of Government last year, but Doug Gavel, the Kennedy
>School's communications director, says he's not aware of any such
>program. Similarly, AONN said its champion in Congress is Rep. Jay
>Inslee, D-Wash., whose office categorically denies it. A Senate Budget
>Committee representative said he had never heard of AONN.
>
>A Pentagon representative also said that AONN has no affiliation with
>the U.S. military and he had no knowledge of the organization.
>
>It's unclear when the site was first registered or how Taylor may have
>taken control of a .gov domain. According to the official .gov
>registration rules, only organizations that appear in an official list
>of government agencies qualify for a .gov domain--and AONN is not on
>it. If AONN were a legitimate Defense Department agency, it would have
>to register a .mil--rather than a .gov--domain name.
>
>One loophole exists for city and state governments, which were allowed
>to register .gov domains before the current rules took effect in May
>1997. Such registrations are no longer permitted. But local and state
>governments with existing sites, such as the state of California's
>ca.gov, were allowed to keep them.
>
>Registering a .gov domain name involves writing an authorization
>letter--two samples are provided on the GSA Web site--printing it out,
>and then sending it to the ".GOV Domain Manager" in Reston, Va. The
>GSA would not comment on what security measures were in place, and
>what changes, if any, have been made.
>
>The GSA's safeguards don't provide foolproof security, says Adrian
>Lamo, a hacker and social engineer who claims to have penetrated
>computer systems run by The New York Times and a string of other
>corporations.
>
>"The process isn't intended to stop anyone who isn't going to be
>stopped by the need to go to Kinko's, print out some letterhead and
>then send an honest-to-God postal letter," Lamo said. "It'll stop the
>people that are willing to break any rule, as long as they can fill
>out a Web form to do it. And that eliminates 95 percent of pranks."
>
>If someone expressed interest in AONN, Taylor would send them a
>122-page PDF file containing buzzwords such as "computer intrusion
>teams," "beyond state-of-the-art super computing... next level
>broad-range security systems, cyber warfighting, highly advanced
>satellite technologies and nano-technologies." It described AONN as a
>"joint-counterstrike force (that) possesses such a culmination of some
>of the world's brightest and most brilliant intellect, intelligentsia,
>academicians and minds, it can quite easily be said that the AONN DSI
>concept by itself is worth multibillions."
>
>A notice on AONN.gov offered to "split payment on contract
>disbursements" with its fund-raisers. Taylor also offered this deal to
>potential buyers: "You come up with fifty million dollars and we'll
>sign contracts as well as deliver both human assets and the DSIN
>program."
>
>Taylor would not say if he had collected any money from corporations
>and individuals as a result of these offers.
>
>Besides claiming to be a military intelligence agency, AONN also said
>it has an "emerging and expensive clothing line" and an urban and R&B
>record label that has signed "certified platinum artists." In November
>2000, a company named AONN Records released a CD called November 12
>Projekt that a local newspaper described as a collaboration of "two
>ambitious young rappers."
>
>Taylor said that AONN.gov and AONN Records are the same.
>
>No company named AONN Records or Access One Network Northwest is
>listed with directory assistance, and the Washington state government
>has no record of a company with either name being incorporated.
>
>AONN Records' CD release appears to have been distributed by The
>Orchard, which provides a vehicle for independent musicians to sell to
>online stores such as Amazon.com and CDNow.com. The Orchard could not
>locate AONN Records or Robert Taylor in its files. A representative
>said that would be the case if The Orchard no longer carried the
>November 12 Projekt CD.
>
>One document Taylor distributed from his Hotmail account this week,
>called a "Special Projects Dossier," lists excerpts from job
>applications apparently sent to him by intelligence officers seeking
>employment.
>
>"Some have suggested it is a spoof by a rock group who has misused the
>aonn.com and aonn.gov registrations," a representative for the
>Association of Former Intelligence Officers said this week. "How they
>obtained the (top-level domain) of .gov is baffling and shows a flaw
>in the registration system that could create greater mischief in other
>hands."



