advertising information
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




DOD overhauls network to thwart hackers

May 4, 1999
Web posted at: 3:19 p.m. EDT (1919 GMT)

by Bob Brewin

Federal Computer Week

(IDG) -- The Defense Department has started an overhaul of its global unclassified network to fight off the barrage of hacker attacks the department's systems suffer and to increase capacity to handle a huge rise in traffic to and from the Internet.

The Defense Information Systems Agency plans to redesign its Non-Classified Internet Protocol Router Network, DOD's primary entry into commercial World Wide Web sites, to take advantage of enhanced security measures and to improve overall performance.

The NIPRNET redesign, scheduled for completion in December with main network components slated for installation no later than June, will provide DOD with a network better designed to stave off hacker attacks that hit DOD systems at a rate of 250,000 a year, according to a DOD source briefed on the network plan.

Tony Montemarano, chief of Defense Information Systems Network services for DISA, said the agency is well on its way with the NIPRNET upgrade. "The equipment is purchased, and we are upgrading software loads," Montemarano said.

He said that besides providing security, the NIPRNET upgrade also will provide "protection against denial-of-service attacks.... We want to be able to guarantee the availability of the network as well as provide additional security for the users."

DISA's plans include the filtering of what DISA called "notorious" protocols routinely exploited by hackers, according to briefing slides obtained by Federal Computer Week.

The protocols include the PostOffice Protocol (POP), which allows remote users to read e-mail stored on a central server; remote-access protocols, which allow users to read their e-mail from another system; and Packet Internet Groper (Ping), which hackers use to disable networks by overloading them with a command.

  Federal Computer Week home page
  Federal Computer Week's Y2K resource page
  Year 2000 World
 Reviews & in-depth info at's personal news page's products pages
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletters
  Search in 12 languages
 News Radio
 * Fusion audio primers
 * Computerworld Minute

According to the briefing slides, DISA plans to start filtering out these protocols by July. But the agency said it has not made any decision yet on which protocols to filter.

Montemarano declined to quantify the degree of security that the NIPRNET upgrade will provide, except to say, "It will be better...and performance will be improved considerably."

DISA is doubling the number of NIPRNET connections to the Internet because of the huge increase in traffic spurred by the development of the World Wide Web and the amount of information residing on Web sites outside NIPRNET, Montemarano said. "There is so much information out there our users want," he said.

Increasing capacity also is a security measure. The inability of NIPRNET to handle the loads imposed by Web traffic without lags or delays had resulted in numerous military commands installing Internet "backdoors" on their systems.

DISA is looking to eliminate such backdoor connections. According to the DISA briefing, no unit or command will be allowed to connect a local- or wide-area network to NIPRNET until the network goes through a formal connection approval process.

Rear Adm. John Gauss, commander of the Space and Naval Warfare Systems Command, said he believes the NIPRNET redesign offers a better security alternative than the almost total retreat from the Internet advocated by Lt. Gen. William Campbell, the Army's director of information systems for command, control, communications and computers.

"Campbell accurately addressed the threat," Gauss said, "but the thing I have to ponder is, [considering] the amount of electronic commerce we do with industry, is it viable just to disconnect from the Internet? What DISA is doing will protect DOD computing and still give us a viable means of communicating with industry."

Insurgency on the Internet

Navaho Lock keeps snoops at bay with unbreakable code
April 30, 1999
Free software fights Net snoopers
April 30, 1999
Start-up puts hackers on BlackICE
April 22, 1999

DOD leaders mull Internet disconnect
(Federal Computer Week)
Advanced hacks sting Pentagon
(Federal Computer Week)
Study warns of a new cyberterrorism called 'netwar'
(Federal Computer Week)
Serb supporters sock it to NATO and U.S. computers
(InfoWorld Electric)
DOD detects internationally coordinated hacker attack
(Federal Computer Week)

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

Official Web site for the Department of Defense
Defense Information Systems Agency

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.