* [TUHS] NSA MILNET IMP 57 & Explosive Bolts [not found] <mailman.0.1546567202.30849.tuhs@minnie.tuhs.org> @ 2019-01-04 2:34 ` Don Hopkins 2019-01-04 2:54 ` Arthur Krewat [not found] ` <CAC20D2MbuQv2XUn5pMromAq+gV1-Mthsa+bPmU_taLWn-x1M7g@mail.gmail.com> 0 siblings, 2 replies; 3+ messages in thread From: Don Hopkins @ 2019-01-04 2:34 UTC (permalink / raw) To: tuhs; +Cc: Don Hopkins (I originally posted this to hacker news, but I’ll repost it here too.) At the University of Maryland, our network access was through the NSA's "secret" MILNET IMP 57 at Fort Mead. It was pretty obvious that UMD got their network access via NSA, because mimsy.umd.edu had a similar "*.57" IP address as dockmaster, tycho and coins. https://emaillab.jp/dns/hosts/ HOST : 26.0.0.57 : TYCHO : PDP-11/70 : UNIX : TCP/TELNET,TCP/SMTP,TCP/FTP : HOST : 26.0.0.57 : DOCKMASTER.NCSC.MIL,DOCKMASTER.DCA.MIL, DOCKMASTER.ARPA : HONEYWELL-DPS-8/70 : MULTICS : TCP/TELNET,TCP/FTP,TCP/SMTP,TCP/ECHO,TCP/DISCARD,ICMP : HOST : 26.1.0.57 : COINS-GATEWAY,COINS : PLURIBUS : PLI :: HOST : 26.2.0.57, 128.8.0.8 : MARYLAND,MIMSY,UMD-CSD,UMD8,UMCP-CS : VAX-11/780 : UNIX : TCP/TELNET,TCP/FTP,TCP/SMTP,UDP,TCP/ECHO,TCP/FINGER,ICMP : https://multicians.org/site-dockmaster.html Whenever the network went down (which was often), we had to call up a machine room at Fort Mead and ask them to please press the reset button on the box labeled "IMP 57". Sometimes the helpful person who answered the phone had no idea which box I meant, so I had describe to him which box to reset over the phone. ("Nope, that didn't work. Try the other one!" ;) They were even generous enough to issue us (CS department systems staff and undergrad students) our own MILNET TACACS card. On mimsy, you could get a list of NSA employees by typing "grep contact /etc/passwd", because each of their courtesy accounts had "network contact" in the gecos field. Before they rolled out TACACS cards, anyone could dial up an IMP and log in without a password, and connect to any host they wanted to, without even having to murder anyone like on TV: https://www.youtube.com/watch?v=hVth6T3gMa0 I found this handy how-to tutorial guide for "Talking to the Milnet NOC" and resetting the LH/DH, which was useful for guiding the NSA employee on the other end of the phone through fixing their end of the problem. What it doesn't mention is that the key box with the chase key was extremely easy to pick with a paperclip. Who would answer the Milnet NOC's 24-hour phone was hit or miss: Some were more helpful and knowledgeable than others, others were quite uptight. Once I told the guy who answered, "Hi, this is the University of Maryland. Our connection to the NSA IMP seems to be down." He barked back: "You can't say that on the telephone! Are you calling on a blue phone?" (I can't remember the exact color, except that it wasn't red: that I would have remembered). I said, "You can't say NSA??! This is a green phone, but there's a black phone in the other room that I could call you back on, but then I couldn't see the hardware." And he said "No, I mean a voice secure line!" I replied, "You do know that this is a university, don't you? We only have black and green phones.” Date: Thu, 11 Sep 86 13:53:45 EDT From: Steve D. Miller <steve@brillig.umd.edu> To: staff@mimsy.umd.edu Subject: Talking to the Milnet NOC This message is intended to be a brief tutorial/compendium of information you probably want to know if you need to see about getting the LH/DH thingy (and us) talking to the world. First, you need the following numbers: (1) Our IMP number (57), (2) Mimsy's milnet host address (26.2.0.57), (3) The circuit number for our link to the NSA (DSEP07500-057) (4) The NOC number itself (692-5726). Second, you need to know something about the hardware. There are three pieces of hardware that make up our side of the link: the LH/DH itself, the ECU, and the modem. The LH/DH and the ECU are the things in the vax lab by brillig; the ECU is the thing on top (with the switches), and the LH/DH is the thing on the bottom. The normal state is to have the four red LEDs on the ECU on and the Host Master Ready, HRY, Imp Master Ready, and IRY lights on at the LH/DH. If these lights are not on, something is wrong. If mimsy is down, then we'll only have some of the lights on, but that should fix itself when mimsy comes up. Some interesting buttons or switches on the ECU are: reset - resets something or another stop - stops something or another start - restarts something or another local loopback -- two switches and two leds; you may need to throw one or the other of these if the NOC asks you to. These loopback switches should be distinguished from those on the modem itself. remote loopback -- like local loopback, but does something else. The modem is in the phone room beside the terminal room (rm. 4322, if memory serves). It can be opened with the chase key from the key box...but if someone official and outside of staff asks you that, you probably shouldn't admit to it. It has a switch on it, too; it seems that switch normally rests in the middle, and there's a "LL" setting to the left which I assume puts the modem in local loopback mode. Now that you have some idea of where things are, call the NOC. Identify yourself as from the University of Maryland, and say that we're not talking to the outside world. They will probably ask for our Milnet address or the number of the IMP we're connected to, and will then poke about and see what's happening. They will ask you to do various things; ask if you're not sure what they mean, but the background info above should help in puzzling it out. Hopefully, this will make it easier to find people to fix our net problems in the future; it's still hard to do 'cause we have so little info (no hardware manual, for example), but this should give us a fighting chance. -Steve There were rumored to be "explosive bolts" on the ARPA/MILNET gateways (whether they were metaphorical or not, I don't know). Here's something interesting that Milo Medin wrote about dual homed sites like NSA and NASA, that were on both the ARPANET and MILNET: To: fair@ucbarpa.berkeley.edu (Erik E. Fair) Cc: Hackers_Guild@ucbvax.berkeley.edu, ucdavis!ccohesh@ucbvax.berkeley.edu Subject: Re: a question of definition Date: Thu, 29 Jan 87 15:33:35 PST From: Milo S. Medin (NASA ARC Code ED) <medin@orion.arpa> Right, the core has many gateways on it now, maybe 20-30. All the LSI's will be stubbed off the core however, and only buttergates will be left after the mailbridges and EGP peers are all converted. Actually, I think DARPA is paying for it all... Ames is *not* getting a mailbridge. You are right of course, that we could use 2 gateways, not just 1 (actually, there will be a prime and backup anyways), and then push routing info appropriately. But that's anything but simple. Firstly, the hosts have to know which gateway to send a packet to a given network, and thus have to pick between the 2. That's a bad idea. It also means that I have to pass all EGP learned info around on the local cable, and if I do that, then I can't have routing info from the local cable pass out via EGP. At least not without violating the current EGP spec. Think about it. It'd be really simple to create a loop that way. Thus, in order to maximize the use of both PSN's, you really need one gateway wired to both PSN's, and just have it advertise a default route inside. Or use a reasonble IGP, of which RIP (aka /etc/routed stuff) is not. I'm hoping to get an RFC out of BBN at this IETF meeting which may go a long way in reducing the use of RIP as an IGP. BTW, NSA is an example of a site on both MILNET and ARPANET but without a mailbridge... There is no restriction that a network can only be on ARPANET or MILNET. That goes against the Internet model of doing things. Our local NASA gatewayed nets will be advertised on both sides. The restriction on BARRNet is that the constituent elements of BARRNet do not all have access to MILNET. NSF has an understanding with DARPA and DCA that NSFnet'd sites can use ARPANET. That does not extend to the MILNET. Thus, Davis can use UCB's or Stanford's, our even NASA's ARPANET gateways, with the approval of the site of course, but not MILNET, even though NASA has MILNET coverage. Thus we are required to restrict BARRNet routing through our MILNET PSN. If we were willing to sponsor UCB's MILNET access, for some requirement which NASA had to implement, then we would turn that on. But BARRNet itself will but cutoff to MILNET (and probably ARPANET too) at Ames, but not cut off to other NASA centers or sites that NASA connects. There is no technical reason that prevents this, in fact, we have to take special measures to prevent it. But those are the rules. Anyways, mailbridge performance should improve after the conversion, so UCB should be in better shape. And you'll certainly be able to talk to us via BARRNnet... I have noticed recently that MILNET<-> ARPANET performance has been particularly poor... Sigh. The DCA folks feel that in case of an emergency they may be forced to use an unsecure network to pass certain info around. The DDN brochure mentions SIOP related data for example. Who knows, if the balloon goes up, the launch order might pass through Evans Hall on its way out to SAC... :-) Milo I dug up an "explosive bolts" reference -- fortunately that brilliant plan didn't get far. (Milo Medin knows this stuff first hand: https://innovation.defense.gov/Media/Biographies/Bio-Display/Article/1395855/milo-medin/ ) To: fair@ucbarpa.berkeley.edu (Erik E. Fair) Cc: ucdavis!ccohesh@ucbvax.berkeley.edu, Hackers_Guild@ucbvax.berkeley.edu Subject: Re: a question of definition Date: Thu, 29 Jan 87 12:29:36 PST From: Milo S. Medin (NASA ARC Code ED) <medin@orion.arpa> Actually its: SCINET -- Secret Compartmented Information Net (if you don't know what compartmented means, you don't need to ask) DODIIS -- DoD Intelligence Information Net The other stuff I think is right, at least without me looking things up. I probably shouldn't have brought this subject of the secure part of the DDN up. People like being low key about such things... Erik, all the BBN gateways on MILNET and ARPANET currently comprise the core, not just mailbridges. Some are used as site gateways, others as EGP neighbors, etc... And just because you are dual homed doesn't mean you get a mailbridge. And the IETF doesn't deal with low level stuff like that; DCA does all that. In fact, the reason we are getting an ARPANET PSN is because when DCA came out to do a site survey, they liked our site so much they asked if they could put one here! It's amazing how many sites have tried to get ARPANET PSN's the right way and have had to wait much longer than us... BTW, since we are dual homed (probably a gateway with 2 1822 interfaces in it), we are taking steps to be sure that people on ARPANET or MILNET can't use our gateway to bypass the mailbridges. The code will be hacked to drop all packets that aren't going to a locally reachable network. BARRNet, even though its locally reachable, will be excluded from this however, since the current procedural limitations call for not allowing any BARRNet traffic to flow out of BARRNet to MILNET and the reverse. NASA traffic of course can traffic through BARRNet, and even use ARPANET that way (though that's not a big deal when we get our own ARPANET PSN). That's because only NASA is authorized to directly connect to MILNET, not UCB or Stanford, etc... DCA must have the ability to partition the ARPANET and MILNET in case of an "emergency", and having non-DCA controlled paths between the nets prevents that. There was talk some time ago about putting explosive bolts in the mailbridges that would be triggered by destruct packets... That idea didn't get far though... The DDN only includes MILNET,ARPANET,SCINET,etc... Not the attached networks. If it did, you'd need to file a TSR to add a PC to your local cable. A TSR is a monstrous piece of paperwork that needs to be done anytime anything is changed on the DDN... Rick knows all about them don't you Rick? The whole network game is filled with acronyms! I gave up trying to write documents with full explainations in terms long ago... I have yet to see a short and concise (and correct) way of describing DDN X.25 Standard Service for example... That's probably one of the harder things about getting into networking these days. We won't even talk about Etherbunnies and Martians and other Millspeak... Milo '1822' Medin ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [TUHS] NSA MILNET IMP 57 & Explosive Bolts 2019-01-04 2:34 ` [TUHS] NSA MILNET IMP 57 & Explosive Bolts Don Hopkins @ 2019-01-04 2:54 ` Arthur Krewat [not found] ` <CAC20D2MbuQv2XUn5pMromAq+gV1-Mthsa+bPmU_taLWn-x1M7g@mail.gmail.com> 1 sibling, 0 replies; 3+ messages in thread From: Arthur Krewat @ 2019-01-04 2:54 UTC (permalink / raw) To: tuhs 415-327-5220 On 1/3/2019 9:34 PM, Don Hopkins wrote: > (I originally posted this to hacker news, but I’ll repost it here too.) > > > > At the University of Maryland, our network access was through the NSA's "secret" MILNET IMP 57 at Fort Mead. It was pretty obvious that UMD got their network access via NSA, because mimsy.umd.edu had a similar "*.57" IP address as dockmaster, tycho and coins. > > https://emaillab.jp/dns/hosts/ > > HOST : 26.0.0.57 : TYCHO : PDP-11/70 : UNIX : TCP/TELNET,TCP/SMTP,TCP/FTP : > HOST : 26.0.0.57 : DOCKMASTER.NCSC.MIL,DOCKMASTER.DCA.MIL, DOCKMASTER.ARPA : HONEYWELL-DPS-8/70 : MULTICS : TCP/TELNET,TCP/FTP,TCP/SMTP,TCP/ECHO,TCP/DISCARD,ICMP : > HOST : 26.1.0.57 : COINS-GATEWAY,COINS : PLURIBUS : PLI :: > HOST : 26.2.0.57, 128.8.0.8 : MARYLAND,MIMSY,UMD-CSD,UMD8,UMCP-CS : VAX-11/780 : UNIX : TCP/TELNET,TCP/FTP,TCP/SMTP,UDP,TCP/ECHO,TCP/FINGER,ICMP : > > https://multicians.org/site-dockmaster.html > > Whenever the network went down (which was often), we had to call up a machine room at Fort Mead and ask them to please press the reset button on the box labeled "IMP 57". Sometimes the helpful person who answered the phone had no idea which box I meant, so I had describe to him which box to reset over the phone. ("Nope, that didn't work. Try the other one!" ;) They were even generous enough to issue us (CS department systems staff and undergrad students) our own MILNET TACACS card. > > On mimsy, you could get a list of NSA employees by typing "grep contact /etc/passwd", because each of their courtesy accounts had "network contact" in the gecos field. > > Before they rolled out TACACS cards, anyone could dial up an IMP and log in without a password, and connect to any host they wanted to, without even having to murder anyone like on TV: > > https://www.youtube.com/watch?v=hVth6T3gMa0 > > > > I found this handy how-to tutorial guide for "Talking to the Milnet NOC" and resetting the LH/DH, which was useful for guiding the NSA employee on the other end of the phone through fixing their end of the problem. What it doesn't mention is that the key box with the chase key was extremely easy to pick with a paperclip. > > Who would answer the Milnet NOC's 24-hour phone was hit or miss: Some were more helpful and knowledgeable than others, others were quite uptight. > > Once I told the guy who answered, "Hi, this is the University of Maryland. Our connection to the NSA IMP seems to be down." He barked back: "You can't say that on the telephone! Are you calling on a blue phone?" (I can't remember the exact color, except that it wasn't red: that I would have remembered). I said, "You can't say NSA??! This is a green phone, but there's a black phone in the other room that I could call you back on, but then I couldn't see the hardware." And he said "No, I mean a voice secure line!" I replied, "You do know that this is a university, don't you? We only have black and green phones.” > > Date: Thu, 11 Sep 86 13:53:45 EDT > From: Steve D. Miller <steve@brillig.umd.edu> > To: staff@mimsy.umd.edu > Subject: Talking to the Milnet NOC > > This message is intended to be a brief tutorial/compendium of > information you probably want to know if you need to see about > getting the LH/DH thingy (and us) talking to the world. > > First, you need the following numbers: > (1) Our IMP number (57), > (2) Mimsy's milnet host address (26.2.0.57), > (3) The circuit number for our link to the NSA > (DSEP07500-057) > (4) The NOC number itself (692-5726). > > Second, you need to know something about the hardware. There > are three pieces of hardware that make up our side of the link: > the LH/DH itself, the ECU, and the modem. The LH/DH and the > ECU are the things in the vax lab by brillig; the ECU is the > thing on top (with the switches), and the LH/DH is the thing > on the bottom. The normal state is to have the four red LEDs > on the ECU on and the Host Master Ready, HRY, Imp Master Ready, > and IRY lights on at the LH/DH. If these lights are not on, > something is wrong. If mimsy is down, then we'll only have some > of the lights on, but that should fix itself when mimsy comes up. > Some interesting buttons or switches on the ECU are: > reset - resets something or another > stop - stops something or another > start - restarts something or another > local loopback -- two switches and two leds; you may need > to throw one or the other of these if the NOC asks > you to. These loopback switches should be distinguished > from those on the modem itself. > remote loopback -- like local loopback, but does something else. > > The modem is in the phone room beside the terminal room (rm. > 4322, if memory serves). It can be opened with the chase key from > the key box...but if someone official and outside of staff asks > you that, you probably shouldn't admit to it. It has a switch on > it, too; it seems that switch normally rests in the middle, and > there's a "LL" setting to the left which I assume puts the modem in > local loopback mode. > > Now that you have some idea of where things are, call the NOC. > Identify yourself as from the University of Maryland, and say that > we're not talking to the outside world. They will probably ask for > our Milnet address or the number of the IMP we're connected to, > and will then poke about and see what's happening. They will ask > you to do various things; ask if you're not sure what they mean, > but the background info above should help in puzzling it out. > > Hopefully, this will make it easier to find people to fix > our net problems in the future; it's still hard to do 'cause > we have so little info (no hardware manual, for example), > but this should give us a fighting chance. > > -Steve > > > > There were rumored to be "explosive bolts" on the ARPA/MILNET gateways (whether they were metaphorical or not, I don't know). > > Here's something interesting that Milo Medin wrote about dual homed sites like NSA and NASA, that were on both the ARPANET and MILNET: > > To: fair@ucbarpa.berkeley.edu (Erik E. Fair) > Cc: Hackers_Guild@ucbvax.berkeley.edu, ucdavis!ccohesh@ucbvax.berkeley.edu > Subject: Re: a question of definition > Date: Thu, 29 Jan 87 15:33:35 PST > From: Milo S. Medin (NASA ARC Code ED) <medin@orion.arpa> > > Right, the core has many gateways on it now, maybe 20-30. All the LSI's will > be stubbed off the core however, and only buttergates will be left after > the mailbridges and EGP peers are all converted. Actually, I think DARPA is > paying for it all... > > Ames is *not* getting a mailbridge. You are right of course, that we could > use 2 gateways, not just 1 (actually, there will be a prime and backup anyways), > and then push routing info appropriately. But that's anything but simple. > Firstly, the hosts have to know which gateway to send a packet to a given > network, and thus have to pick between the 2. That's a bad idea. > It also means that I have to pass all EGP learned info around on the > local cable, and if I do that, then I can't have routing info from > the local cable pass out via EGP. At least not without violating > the current EGP spec. Think about it. It'd be really simple to > create a loop that way. Thus, in order to maximize the use of both > PSN's, you really need one gateway wired to both PSN's, and just > have it advertise a default route inside. Or use a reasonble IGP, > of which RIP (aka /etc/routed stuff) is not. I'm hoping to get > an RFC out of BBN at this IETF meeting which may go a long way in > reducing the use of RIP as an IGP. > > BTW, NSA is an example of a site on both MILNET and ARPANET but without > a mailbridge... > > There is no restriction that a network can only be on ARPANET or MILNET. > That goes against the Internet model of doing things. Our local > NASA gatewayed nets will be advertised on both sides. The restriction > on BARRNet is that the constituent elements of BARRNet do not all > have access to MILNET. NSF has an understanding with DARPA and > DCA that NSFnet'd sites can use ARPANET. That does not extend to > the MILNET. Thus, Davis can use UCB's or Stanford's, our even NASA's > ARPANET gateways, with the approval of the site of course, but > not MILNET, even though NASA has MILNET coverage. Thus we are required > to restrict BARRNet routing through our MILNET PSN. If we were willing > to sponsor UCB's MILNET access, for some requirement which NASA > had to implement, then we would turn that on. But BARRNet itself will > but cutoff to MILNET (and probably ARPANET too) at Ames, but not > cut off to other NASA centers or sites that NASA connects. There is > no technical reason that prevents this, in fact, we have to take > special measures to prevent it. But those are the rules. Anyways, > mailbridge performance should improve after the conversion, so > UCB should be in better shape. And you'll certainly be able to > talk to us via BARRNnet... I have noticed recently that MILNET<-> > ARPANET performance has been particularly poor... Sigh. > > The DCA folks feel that in case of an emergency they may be > forced to use an unsecure network to pass certain info around. The > DDN brochure mentions SIOP related data for example. Who knows, > if the balloon goes up, the launch order might pass through Evans > Hall on its way out to SAC... :-) > > > Milo > > > > I dug up an "explosive bolts" reference -- fortunately that brilliant plan didn't get far. > > (Milo Medin knows this stuff first hand: https://innovation.defense.gov/Media/Biographies/Bio-Display/Article/1395855/milo-medin/ ) > > To: fair@ucbarpa.berkeley.edu (Erik E. Fair) > Cc: ucdavis!ccohesh@ucbvax.berkeley.edu, Hackers_Guild@ucbvax.berkeley.edu > Subject: Re: a question of definition > Date: Thu, 29 Jan 87 12:29:36 PST > From: Milo S. Medin (NASA ARC Code ED) <medin@orion.arpa> > > Actually its: > > SCINET -- Secret Compartmented Information Net (if you don't know what > compartmented means, you don't need to ask) > DODIIS -- DoD Intelligence Information Net > > The other stuff I think is right, at least without me looking things > up. I probably shouldn't have brought this subject of the secure part > of the DDN up. People like being low key about such things... > > Erik, all the BBN gateways on MILNET and ARPANET currently comprise > the core, not just mailbridges. Some are used as site gateways, others > as EGP neighbors, etc... And just because you are dual homed doesn't mean > you get a mailbridge. And the IETF doesn't deal with low level stuff > like that; DCA does all that. In fact, the reason we are getting an > ARPANET PSN is because when DCA came out to do a site survey, they > liked our site so much they asked if they could put one here! It's > amazing how many sites have tried to get ARPANET PSN's the right > way and have had to wait much longer than us... BTW, since we are > dual homed (probably a gateway with 2 1822 interfaces in it), we > are taking steps to be sure that people on ARPANET or MILNET can't > use our gateway to bypass the mailbridges. The code will be hacked > to drop all packets that aren't going to a locally reachable network. > BARRNet, even though its locally reachable, will be excluded > from this however, since the current procedural limitations call for > not allowing any BARRNet traffic to flow out of BARRNet to MILNET > and the reverse. NASA traffic of course can traffic through BARRNet, > and even use ARPANET that way (though that's not a big deal when > we get our own ARPANET PSN). That's because only NASA is authorized > to directly connect to MILNET, not UCB or Stanford, etc... > > DCA must have the ability to partition the ARPANET and MILNET in > case of an "emergency", and having non-DCA controlled paths between > the nets prevents that. There was talk some time ago about putting > explosive bolts in the mailbridges that would be triggered by > destruct packets... That idea didn't get far though... > > The DDN only includes MILNET,ARPANET,SCINET,etc... Not the attached > networks. If it did, you'd need to file a TSR to add a PC to your > local cable. A TSR is a monstrous piece of paperwork that needs to > be done anytime anything is changed on the DDN... Rick knows all > about them don't you Rick? > > The whole network game is filled with acronyms! I gave up trying > to write documents with full explainations in terms long ago... > I have yet to see a short and concise (and correct) way of describing > DDN X.25 Standard Service for example... That's probably one of the > harder things about getting into networking these days. We won't > even talk about Etherbunnies and Martians and other Millspeak... > > Milo '1822' Medin > > > ^ permalink raw reply [flat|nested] 3+ messages in thread
[parent not found: <CAC20D2MbuQv2XUn5pMromAq+gV1-Mthsa+bPmU_taLWn-x1M7g@mail.gmail.com>]
* Re: [TUHS] NSA MILNET IMP 57 & Explosive Bolts [not found] ` <CAC20D2MbuQv2XUn5pMromAq+gV1-Mthsa+bPmU_taLWn-x1M7g@mail.gmail.com> @ 2019-01-04 22:43 ` Don Hopkins 0 siblings, 0 replies; 3+ messages in thread From: Don Hopkins @ 2019-01-04 22:43 UTC (permalink / raw) To: Clem Cole; +Cc: tuhs On 4 Jan 2019, at 21:46, Clem Cole <clemc@ccc.com> wrote: >From where did that wonderful clip come? It's clearly a sequence from something else. I've never seen it before. >Thanks, >Clem They were from my email archives of Hackers_Guild and the umd cs department staff mailing list. Does anybody else have any h_g archives sitting around? Here’s some more funny stuff about the NSA! Gotta love how Brian Reid and Rick Adams weigh in. ;) -Don From: yee@dali.berkeley.edu (Peter E. Yee) Subject: For those who missed 997@lll-crg, here it is Date: 19 November 1985 at 15:58:08 CET To: hackers_guild@ucbvax.berkeley.edu Relay-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site lll-crg.ARpA Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site lll-crg.ARpA Path: lll-crg!bandy From: bandy@lll-crg.ARpA (Andrew Scott Beals) Newsgroups: net.net-people Subject: oh YES the NSA is on the net! Message-ID: <997@lll-crg.ARpA> Date: 19 Nov 85 07:11:36 GMT Date-Received: 19 Nov 85 07:11:36 GMT References: <324@ucdavis.UUCP> <2253@umcp-cs.UUCP> Reply-To: bandy@lll-crg.UUCP (Andrew Scott Beals) Distribution: net Organization: Computation Research Group, Lawrence Livermore Labs Lines: 94 Summary: (let's say) unintentional dis-information corrected In article <2253@umcp-cs.UUCP> tlr@umcp-cs.UUCP (Terry L. Ridder) writes: I can almost guarantee that the National Security Agency is not on USENET or ARPANET. I can further almost guarantee that very few employees of NSA are even aware that USENET exist. Signed Terry L. Ridder UUCP: seismo!(mimsy.umd.edu|neurad)!bilbo!wiretap!(root|tlr) ^^^^^^^ PHONE: 301-490-2248 (home) 301-859-6642 (work) Right. There used to be a host called "TYCHO" (nickname "NSA") at host zero on imp fifty-seven. (26.0.0.57) (information taken from the old NIC (Network Information Center for Internet) host tables) Now there is a machine called "DOCKMASTER" on that same imp port (TYCHO was an old PDP-11 running version 6 unix (which rumors had flown for quite some time that someone actually proved was secure)). Here is what the NIC has to say about DOCKMASTER: The National Computer Security Center (DOCKMASTER) 820 Elkridge Landing Road Room A1127, Building FANX-II Linthicum, MD 21090 NetAddress: 26.0.0.57 Nicknames: NCSC-MULTICS Host Administrator and Liaison: Aliff, Stephen W. (SWA1) Aliff.DODCSC@MIT-MULTICS (301) 850-5888 Multics, if I remember correctly, was just given some level of certification by the government that it was secure. Interesting, no? Unfortunately, I'm not nearly as much of a Packrat as some might like to think so I don't have a Maryland phone book (I do have my silly putty though), so I can't tell you where this exchange is located (nor where Terry's work number is located). However, looking up Linthicum MD (I was born and raised just north of DC) shows that it's just north of BWI (airport). There is a NASA center right near there and next to that is an un-marked (of course) NSA center. All of this points that imp 57 is still NSA's imp. NIC has this to say about host 1 on imp 57: National Security Agency (COINS-GATEWAY) COINS Network Control Center Fort George G. Meade, MD 20755 NetAddress: 26.1.0.57 Nicknames: COINS Host Administrator and Liaison: Smith, Ronald L. (RLS6) COINS@USC-ISI (301) 688-6375 The NIC generally likes to give a machine the name "-GATEWAY" when that machine is a gateway into another part of the internet. (the machine type of COINS is a Plurbus, which is a multiprocessor gateway machine manufactured by BBN (the folks who do the ARPANET and MILNET hardware). In any case, it seems that Mr Ridder is un-(or mis-?)informed. Side note: at the last (Portland) USENIX, I happened across a gentlemen (very cleancut) whose badge listed him as working for the "Department of Defense, Fort Meade Maryland". I said "Oh, you're one of those NSA guys!" To which he replied "How did you know?!"... "Everyone else in DOD says /which/ part of DOD they work for..." andrew scott beals lawrence livermore national laboratory/university of california Pooh-bah for LLL-CRG.ARPA (415) 423-1948 (work) (533-1948 (FTS)) ps. In case anyone is wondering and before you go giving my name to people that I don't want to talk to (like the Kind Folks at the NSA (but I'm sure they've heard of me or will before I finish up with my current round of paperwork with the DOE/OPM/FBI)), I obtained all of this information through public channels. -- There once was a thing called a V-2, To pilot which you did not need to-- You just pushed a button, And it would leave nuttin' But stiffs and big holes and debris, too. andy beals - bandy@lll-crg.arpa - {seismo,ihnp4!sun,dual}!lll-crg!bandy From: jordan@ucbarpa.berkeley.edu (Jordan Hayes) Subject: Re: ``dockmaster'' Date: 19 November 1985 at 16:27:34 CET To: hackers_guild@ucbvax.berkeley.edu for those so inclined, they should look at what is on port 2 of that imp ... hmmm ... sorta like putting the CIA on port 4 of imp 78 ... /jordan From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: Re: ``dockmaster'' Date: 19 November 1985 at 18:27:27 CET To: hackers_guild@ucbvax.berkeley.edu, jordan@ucbarpa.berkeley.edu Maryland lets NSA people use mimsy. The NSA is interested in the supercomputer designs that they're working on there... (which is why they have an imp connection) In any case, I just got a long note from Mr Ridder. I'll forward it to you when I'm done reading my mail... andy From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: message from Mr. Ridder Date: 19 November 1985 at 18:31:44 CET To: hackers_guild@lll-crg.ARPA From tlr@mimsy.umd.edu Tue Nov 19 06:13:44 1985 Date: Tue, 19 Nov 85 09:12:54 EST From: Terry L. Ridder <tlr@mimsy.umd.edu> Subject: Your posting Mr. Andrew Scott Beals I am writing to inform you of at least two facts: The computer named "wiretap" belongs to my children, age 9, age 7, age 2. Jennifer, the 7 year old, named the computer. Sarah, the 9 year old, named the other computer "bilbo". Bilbo and wiretap are both private machines. The are owned by my family and I. They are in no way shape or form associated with the NSA. Concerning your posting, I am concerned that you have no regard for the safety of federal employees. Your posting is marked for distribution "net", if you would look at the two previous posting they are marked for distribution 'usa'. Therefore, you probably have just told most of the world the location of what you believe to be an NSA facility. This probably has made the location a target for any of a number of terrorist groups. What if you are wrong? You have place in danger the lifes of innocent people. Just because you may think you know something does not mean that you tell most of the world. I would hope that in the future that you would take the time to think about all the ramifications before making a posting, similiar in nature to the one in question. I would hope that you will send out a cancel message on your posting, before it gets to far. I sincerely hope that you restrict your speculations about my family's association with any federal agency. I hope also that you are mature enough to post an apology for inferring that my computers were associated with the NSA. I do not want to think of what the implications are from that speculation on your part. You may have damaged my family's reputation and my own reputation. Please be a little more responsible in the future. Engage brain before fingers. Signed Terry L. Ridder for the Terry L. Ridder family --------------------- From: fair@ucbarpa.berkeley.edu (Erik E. Fair) Subject: Re: message from Mr. Ridder Date: 19 November 1985 at 18:42:34 CET To: bandy@lll-crg.ARPA Cc: Hackers_Guild@ucbvax.berkeley.edu I wonder if this bozoid has ever read `The Puzzle Palace'? It identifies several `secret' NSA installations, including one out in the wilds of Sonoma, just over the border from Marin County, along the road from Tomales to Petaluma. All from public sources and Freedom Of Information Act suits. Erik E. Fair ucbvax!fair fair@ucbarpa.berkeley.edu P.S. Be sure to waive hello in your Email to the folks at the Maryland Procurement Office... From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: Re: message from Mr. Ridder Date: 19 November 1985 at 19:11:36 CET To: fair@ucbarpa.berkeley.edu Cc: Hackers_Guild@ucbvax.berkeley.edu [mimsy.umd.edu] Login name: tlr In real life: Terry L. Ridder Office: Laurel MD 20707 Office phone: 859-6642 Home phone: 490-2248 Arpanet Sponsor Directory: /u/tlr Shell: /bin/csh Last login Tue Nov 19 09:17 on tty04 Project: To find a new job, raise three children, and have time for the wife. Plan: To move overseas. ---------------------- Well, this is what it has to say about him. Arpanet sponsor, eh? andy From: fair@ucbarpa.berkeley.edu (Erik E. Fair) Subject: Re: message from Mr. Ridder Date: 19 November 1985 at 19:48:41 CET To: bandy@lll-crg.ARPA Cc: Hackers_Guild@ucbvax.berkeley.edu Ask Chris Torek what an `Arpanet Sponsor' is... Erik From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: more follies, dt if uninterested Date: 20 November 1985 at 02:10:30 CET To: hackers_guild@lll-crg.ARPA Seems that the gentleman doesn't read his fucking news before going off at the handle. I sent him an "Excuse me, but if you look at article ..." note. LLL General consul? Snicker snicker. Maybe Postmaster or root or usenet will get a nice note from him telling me what a Bad Boy I've been... :-) andy ----------------------- Date: Tue, 19 Nov 85 18:46:28 EST From: Terry L. Ridder <tlr@mimsy.umd.edu> Subject: apology is inorder Mr. Andrew Scott Beals I again ask that you act in a mature manner and post an apology concerning your inferring that my private computers are associated with the NSA. If you choose not to, would you be kind enough to inform me what the phone number is for LLL general consul is? Signed Terry L. Ridder From: jordan@ucbarpa.berkeley.edu (Jordan Hayes) Subject: Re: ridder me this ... Date: 20 November 1985 at 02:59:22 CET To: hackers_guild@ucbvax.berkeley.edu Methinks either the man is an idiot or he's not really a force to be reckoned with. If his main mail machine is mimsy, that means he's on the same imp ... since NSA people have accounts at umd, maybe he's FROM the NSA ... hmmm ... /jordan From: Milo S. Medin (NASA ARC Code ED) <medin@orion.ARPA> Subject: Re: message from Mr. Ridder Date: 20 November 1985 at 03:03:55 CET To: Andrew Scott Beals <bandy@lll-crg.ARPA> Cc: fair@ucbarpa.berkeley.edu, Hackers_Guild@ucbvax.berkeley.edu LLL general counsel? uh oh..... That means lawyers.... Milo From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: ridder me this Date: 20 November 1985 at 03:14:56 CET To: hackers_guild@lll-crg.ARPA One of my sources tells me that Mr Ridder is indeed an NSA person. Chris Torek told me that an "Arpanet Sponsor" in their terminology means that he's one of the people who helped them get on the network. andy From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: Re: Ridder me this (qualification) Date: 20 November 1985 at 03:31:22 CET To: bandy@ll-crg.ARPA, deboor%buddy@ucbvax.berkeley.edu Cc: hackers_guild@ucbvax.berkeley.edu Oh, I already sent him an apology. Here it is: Relay-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site lll-crg.ARpA Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site lll-crg.ARpA Path: lll-crg!bandy From: bandy@lll-crg.ARpA (Andrew Scott Beals) Newsgroups: net.net-people Subject: Apology to Terry Ridder Message-ID: <998@lll-crg.ARpA> Date: 19 Nov 85 17:37:12 GMT Date-Received: 19 Nov 85 17:37:12 GMT References: <324@ucdavis.UUCP> <2253@umcp-cs.UUCP> <997@lll-crg.ARpA> Reply-To: bandy@lll-crg.UUCP (Andrew Scott Beals) Distribution: net Organization: Computation Research Group, Lawrence Livermore Labs Lines: 15 I would like to take this opportunity to formally extend my apologies to Terry L. Ridder (tlr@mimsy.umd.edu) and his family for insinuating that their home machines (bilbo and wiretap) and any association with any Federal agency (the NSA in this case). andrew scott beals uc/llnl -- There once was a thing called a V-2, To pilot which you did not need to-- You just pushed a button, And it would leave nuttin' But stiffs and big holes and debris, too. andy beals - bandy@lll-crg.arpa - {seismo,ihnp4!sun,dual}!lll-crg!bandy --------------------- What was interesting was that the file was ~news/net/net-people/666 ... Tee hee hee. andy From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: calling LLL {lawyers,diplomats} Date: 20 November 1985 at 03:38:35 CET To: hackers_guild@lll-crg.ARPA Of course, they'll tell him that "Anything that our employees say is their own opinion unless they are a member of the LLNL Public Information group and are speaking in an official capacity." "Pin-heads. Pin-heads. Roly-poly pin-heads. Pin-heads. Pin-heads. Watch them lose. Yow!" andy From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: teehee Date: 20 November 1985 at 17:18:25 CET To: hackers_guild@ucbvax.berkeley.edu From reid@glacier Wed Nov 20 06:59:01 1985 Date: Wed, 20 Nov 85 06:57:35 pst From: Brian Reid <reid@glacier> Subject: Re: Apology to Terry Ridder Newsgroups: net.net-people Organization: Stanford University, Computer Systems Lab Terry Ridder is one of the biggest assholes on earth, and I can't fathom anybody owing him an apology about anything. Oh well. -- Brian Reid decwrl!glacier!reid Stanford reid@SU-Glacier.ARPA From: Andrew Scott Beals <bandy@lll-crg.ARPA> Subject: philngai on tlr Date: 21 November 1985 at 07:21:35 CET To: hackers_guild@lll-crg.ARPA From amdcad!phil Wed Nov 20 20:41:58 1985 Date: Wed, 20 Nov 85 20:08:04 pst From: amdcad!phil (Phil Ngai) Subject: Re: message from Mr. Ridder what kind of asshole names a computer wiretap and then complains when others make seemingly reasonable assumptions about it? who should engage their brain, that's what i want to know. -- Raise snails for fun and profit! Race them for amusement! Then eat the losers! Phil Ngai +1 408 749-5720 UUCP: {ucbvax,decwrl,ihnp4,allegra}!amdcad!phil ARPA: amdcad!phil@decwrl.dec.com From: cuuxb!jab@lll-crg.ARPA Subject: Re: message from Mr. Ridder Date: 24 November 1985 at 02:25:13 CET To: lll-crg!sdcsvax.arpa!hutch@lll-crg.ARPA Cc: lll-crg!hackers_guild@ucbvax.berkeley.edu The Ridder guy is a jerk. I would wonder why the ARPANET knows about his private machines, anyhow: sounds like a misuse of government funding. Jeff Bowles Lisle, IL From: Donnalyn Frey <donnalyn@seismo.css.gov> Subject: Re: private machines on internet Date: 24 November 1985 at 06:08:34 CET To: cuuxb!jab@lll-crg.ARPA, deboor%buddy@ucbvax.berkeley.edu Cc: hackers_guild@ucbvax.berkeley.edu Ridders machines are NOT on the arpanet. They have uucp links to Uof Maryland. Ridder himself has an account on mimsy.umd.edu. Ridders two machines were named by his children. ONe had just finished reading teh Hobbit (hence bilbo, despite the 2 other known bilbos [not to be confused with certain dildos being discussed]) and the other had finished some spy book, hence wiretap. He is quite pompous and seems to think the world revolves around him. We asked him to rename "bilbo" to not conflict. He replied that the other machines should change because he had already named his machine. By the way, we're talking about toys here (maybe somthing as expensive as an IBM-PC) not the "real" machines you might be led to believe. He is best ignored. ---rick ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-01-04 22:44 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <mailman.0.1546567202.30849.tuhs@minnie.tuhs.org> 2019-01-04 2:34 ` [TUHS] NSA MILNET IMP 57 & Explosive Bolts Don Hopkins 2019-01-04 2:54 ` Arthur Krewat [not found] ` <CAC20D2MbuQv2XUn5pMromAq+gV1-Mthsa+bPmU_taLWn-x1M7g@mail.gmail.com> 2019-01-04 22:43 ` Don Hopkins
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).