***********************************************************************
DDN Security Bulletin 90-04      DCA DDN Defense Communications System
2 Mar 90                Published by: DDN Security Coordination Center
                                     (SCC@NIC.DDN.MIL)  (800) 235-3155

                        DEFENSE  DATA  NETWORK
                          SECURITY  BULLETIN

The DDN  SECURITY BULLETIN  is distributed  by the  DDN SCC  (Security
Coordination Center) under  DCA contract as  a means of  communicating
information on network and host security exposures, fixes, &  concerns
to security & management personnel at DDN facilities.  Back issues may
be  obtained  via  FTP  (or  Kermit)  from  NIC.DDN.MIL  [26.0.0.73 or
10.0.0.51] using login="anonymous" and password="guest".  The bulletin
pathname is SCC:DDN-SECURITY-yy-nn (where "yy" is the year the bulletin
is issued and "nn" is a bulletin number, e.g. SCC:DDN-SECURITY-90-01).
**********************************************************************

                  COMPUTER SYSTEM "WELCOME" BANNERS

1.  The Defense Communications Agency/Data Systems Management
Division (DDO) is in the process of fielding a patch to all
Defense Data Network (DDN) Terminal Access Controllers (TACs)
that will remove the DDN "Welcome" banners.  This is being
accomplished as a security measure for the following
principle reasons:

   a.  To terminate the identification of the system as belonging to
the DDN/MILNET, and to terminate the identification of the type of
operating system or software in use on the system.  All too often
intruders stumble by chance upon a MILNET host because the system is
identified in the banner as being "defense" and/or "For Official Use
Only".  Intruders can also use software or operating system
information from the banner to facilitate an intrusion.  Therefore,
it is best not to identify a system at all in its banner.

   b.  A court recently threw out a suit against a computer system
intruder because the logon prompt was preceded with "Welcome to...".


2.  Request Host Administrators and other addressees, in favor of
tighter security, take an active role in getting their
commands/units/organizations to change existing logon banners to
make certain that the identity of their data systems is not displayed,
and to halt the use of "Welcome".