As evidence of the above, three problems have occurred within months of
each other.
In the first, persistent vulnerabilities in the UNIX
sendmail
program
were discussed openly on Internet discussion lists.
Sites that had not corrected their sendmail programs were forced to scramble
to correct the programs before attackers used the vulnerabilities to
attack the sites.
However, due to the complexity of the sendmail program and networking
software in general, three subsequent versions of sendmail were found to
still contain significant vulnerabilities [CIAC94a].
The sendmail program is used widely, and sites without firewalls to limit
access to sendmail are forced to react quickly whenever problems are found
and vulnerabilities revealed.
In the second, a version of a popular and free FTP server was found to
contain a Trojan Horse that permitted privileged access to the server.
Sites using this FTP server, but not necessarily the
contaminated version, were again forced to react very carefully and quickly
to this situation [CIAC94c].
Many sites rely on the wealth of free software available on the Internet,
especially security-related software that adds capability for logging,
access control, and integrity checking that vendors often do not provide
as part of the operating system.
While the software is often high quality, sites may have
little recourse other than to rely on the authors of the software if it is
found to have vulnerabilities and other problems.
The third problem has the strongest implications: [CERT94] and [CIAC94b] reported that intruders had broken into potentially thousands of systems throughout the Internet, including gateways between major networks, and installed sniffer programs to monitor network traffic for usernames and static passwords typed in by users to connect to networked systems. The intruders had used various known techniques for breaking into systems, as well as using passwords that had been ``sniffed.'' One of the implications of this incident is that static or reusable passwords are obsolete for protecting access to user accounts. In fact, a user connecting to a remote system across the Internet may be unintentionally placing that system at risk of attack by intruders who could be monitoring the network traffic to the remote system.
The following sections go into more detail on problems with Internet security. [Garf92], [Cur92], [Bel89], [Ches94], and [Farm93] all provide more background and detail; readers are encouraged to consult these references.