[COFF] Re: [TUHS] Warning: April Fools

[steve jenkin <sjenkin@canb.auug.org.au>]

[ Please post follow-ups to COFF ]

Ron,

Thanks for the history, enjoyed very much.
Quite relevant to Early Unix, intertwined with VAxen, IP stack from UCB, NSF-net & fakery.

The earliest documented Trojan, Unix or not, would be Ken’s login/cc hack in his “Reflections on Trust” paper.

It was 1986 when Clifford Stoll tracked a KGB recruit who broke into MILNET, then the first “honeynet” by Stoll.

	<https://en.wikipedia.org/wiki/Clifford_Stoll#Career>
	<https://en.wikipedia.org/wiki/The_Cuckoo%27s_Egg_(book)>

1986 was also the first known PC virus according to Kaspersky.

	<https://www.kaspersky.com.au/resource-center/threats/a-brief-history-of-computer-viruses-and-what-the-future-holds?
	“Brain (boot) , the first PC virus, began infecting 5.2" floppy disks in 1986.”

2nd November 1988, the Morris worm escaped from a lab,
& overloaded the Internet for a week.

Causing CERT to be formed in November 1988 in response.
	<https://en.wikipedia.org/wiki/CERT_Coordination_Center>

The SANS Institute was formed the next year, 1989, creating structured training & security materials.
	<https://en.wikipedia.org/wiki/SANS_Institute>

This structured, co-ordinated response, led by technical folk, not NatSec/ Intelligence/ Criminal investigation bodies,
created CVE’s, Common Vulnerabilities and Exposures, as a way to identify & name
unique attacks & vectors, track them and make vendors aware, forcing publicity & responses.

	<https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures>
	<https://cve.mitre.org>

The Internet eventually became a significant theatre of Crime & Espionage, Commercial & National Security.

Mandiant was formed in 2004 to identify, track and find sources of APT’s, Advanced Persistent Threats.
In 2010, they described APT’s  tracked in their “M-trends” newsletter.
in Feb 2013, Mandiant publicly described “APT1” and the military unit & location they believed ran it.

	<https://en.wikipedia.org/wiki/Mandiant>
	<https://en.wikipedia.org/wiki/Advanced_persistent_threat>
	<https://www.lawfareblog.com/mandiant-report-apt1>
	<https://www.mandiant.com/resources/blog/mandiant-exposes-apt1-chinas-cyber-espionage-units>

=============

> On 2 Apr 2023, at 02:34, Ron Natalie <ron@ronnatalie.com> wrote:
> 
> Once again, I must dredge up this post from 1991….

=============

For future reference, Kremvax lives! [ datestamp in email header ]

iMac1:steve$ host kremvax.demos.su
	kremvax.demos.su has address 194.87.0.20
	kremvax.demos.su mail is handled by 100 relay2.demos.su.
	kremvax.demos.su mail is handled by 50 relay1.demos.su.

iMac1:steve$ ping -c2 kremvax.demos.su
	PING kremvax.demos.su (194.87.0.20): 56 data bytes
	64 bytes from 194.87.0.20: icmp_seq=0 ttl=46 time=336.127 ms
	64 bytes from 194.87.0.20: icmp_seq=1 ttl=46 time=335.823 ms

--- kremvax.demos.su ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 335.823/335.975/336.127/0.152 ms

=============

--
Steve Jenkin, IT Systems and Design 
0412 786 915 (+61 412 786 915)
PO Box 38, Kippax ACT 2615, AUSTRALIA

mailto:sjenkin@canb.auug.org.au http://members.tip.net.au/~sjenkin