25,000-Ton Amphibious Spam Relay 323
hormiga writes "The amphibious transport dock ship
San Antonio
incorporates the latest quality of life standards for the embarked Marines and sailors, including the sit-up berth, ship services mall, a fitness center and learning resource center/electronic classroom and
Unsolicited Bulk E-Mail. Now the Chinese can relay
their spam through U.S. military naval vessels." Well, Chinese spammers, anyhow.
That's an act of WAR! (Score:5, Funny)
They have a sense of humor (Score:3, Insightful)
Re:They have a sense of humor (Score:5, Funny)
Re:They have a sense of humor (Score:4, Interesting)
Well, defense is their business, isn't it?
Clickable Link (Score:2)
Re:That's an act of WAR! (Score:5, Funny)
Your tax dollars hard at work (Score:5, Interesting)
This is the ideal goverment. The tax dollars working directly for its citizens.
-Grump
Re:Your tax dollars hard at work (Score:5, Informative)
These technicial-draftees are extraordinarily busy. They're asked to manage really complex systems that are not terribly reliable. MS Exchange and Win2k require good people to keep them going, but throw database replication systems and the rest of their suite on top, and they spend more of their time crying for help to shoreside contractors than getting things fixed. That their MS Exchange server got penetrated is hardly a surprise given the number of fires these guys are regularly trying to keep under control.
If they can get professional DBA's and Network Engineers on each ship and this happens, then I'd raise hell. But there aren't a whole lot of MSCEs and DBAs that want to go on 9 month sea deployments of 16-hour days with the starting salary of an E-3, which I guess is about $800/month. In the meantime, scream at Lockheed Martin, the contractor for the Navy-Marine Corps Internet (NMCI) project, which has hosed up more than they have fixed. NMCI dictates identical configurations across all systems, which makes it really likely that the vulnerability we see here exists virtually everywhere in the Navy. Lockheed designed it this way, and got paid an enormous pile of cash to do so.
Maybe they owe us a refund?
Re:Your tax dollars hard at work (Score:5, Informative)
am I the only one... (Score:5, Funny)
Re:am I the only one... (Score:2)
Re:am I the only one... (Score:3, Funny)
Errrr, hang on a sec...Error: process 'raven' terminated abnormally, infinite recursion detected
Amphibious Spam Relay? (Score:4, Funny)
Re:Amphibious Spam Relay? Nor really (Score:2, Funny)
Re:Amphibious Spam Relay? Nor really (Score:5, Funny)
Re:Amphibious Spam Relay? (Score:2)
"SOYLENT SPAM IS FROGS!!!"
Leave the French out of this.
Wrong move. (Score:5, Funny)
2000 gung-ho, pissed of marines with landing craft, naval support and air support vs pasty chinese spammer with goverment welfare support.
Re:Wrong move. (Score:5, Funny)
slashdotted (Score:2)
Man your inboxes... (Score:5, Funny)
Sure they wouldn't attack Nigeria though? After all, they'd want to collect on those millions they were promised by Mr Sebeko, cousin of the ex-Finance Minister.
Re:Man your inboxes... (Score:5, Funny)
Since there are spammers who spam about "anti-spam" tools does this mean arms dealers will be getting in on the act.
"To cut down on yore SPAM you can now buy everything from torpedos to nuklear kruise missiles at a *BARGIN* price..."
Re:Man your inboxes... (Score:2)
Re:Man your inboxes... (Score:2, Funny)
ouch*ow! that hurts!
Re:Wrong move. (Score:5, Funny)
Who knows kung fu.
I mean, if we're gonna pull out racist stereotypes, let's pull them all out, huh?
Re:Wrong move. (Score:2)
Keanu Reeves isn't chinese you insensitive clod!
Re:Wrong move. (Score:3, Insightful)
Just give me 20 aryan Waffen-SS men with real skills and discipline. Beats that stuff you scratched off the streets ("marines") anytime.
Yeah, those Waffen SS.. they sure showed those Marines a thing or two in WWII... oh wait...
Yeesh... (Score:3, Funny)
yuk yuk yuk
"Red" Chinese? (Score:5, Funny)
Somebody's watched to many Cold-War-era action movies.
MAKE IT BIGGER 39586-184=50 (Score:5, Funny)
Jeeze (Score:2, Funny)
Perhaps we need to create a 'great firewall' of our own.
And to think that our tax dollars are being subverted to send spam.
Ignore them.. (Score:2, Flamebait)
Re:Ignore them.. (Score:2)
Oh, man! Now how will I be able to join the Navy [narod.ru]?
On the other hand, we'll always have Xanadu [cult-film.com].
Blacklisting the United States Navy? (Score:5, Insightful)
But in all honesty, I'm sure (or at least I hope) more attention is given to the confidential systems than the SMTP server that the troops play around with...
Re:Blacklisting the United States Navy? (Score:5, Funny)
Re:Blacklisting the United States Navy? (Score:5, Funny)
The Tomahawk's warhead does make for (if you will pardon the clicheed phrase) the 'mother of all DOS attacks', though...
Part of the plan? (Score:5, Funny)
Too late (Score:2)
Re:Part of the plan? (Score:3, Funny)
slashdotters in the military? (Score:5, Interesting)
telnet 205.67.231.235 25
Trying...
Connected to 205.67.231.235.
Escape character is '^]'.
421 avnavfw.AVONDALE Sorry, the firewall does not provide mail service to you.
Connection closed.
Re:slashdotters in the military? (Score:2, Insightful)
Reminds me of the slew of buzzwords used in the movie Swordfish.
Re:slashdotters in the military? (Score:3, Interesting)
How do you know the firewall isn't generating that message? A firewall can dd more than just drop packets.
Re:slashdotters in the military? (Score:2)
If you have a firewall that can dd drop[ed] packets, then have I got a deal on a bridge for you!
Re:slashdotters in the military? (Score:3, Funny)
Bridges are passe - tell him it's a router
Re:slashdotters in the military? (Score:3, Funny)
The tv show 24 really basterizes computer terms.
"Mount the filter to my screen so I can route it through the log files."
Still a good show.
Re:slashdotters in the military? (Score:3, Interesting)
There's another 'antiterror' drama on too, one episode they landed a cargo plane on a carrier (which has been done, once). The show was just SO lame though, there was NO regard for
Re:slashdotters in the military? (Score:4, Insightful)
When you stare at the production script, there isn't a whole lot of detail there. The things like how many times a gun fires and damage effects and whatnot are not up to the writer in most cases. It's all decided by whoever they've hired to handle effects, or sometimes the director, and occasionally by someone with real expertise in the field, but more likely enough expertise in the field, but more expertise in keeping it interesting.
Or to put it another way
Technical accuracy is boring to most theatre-goers.
Re:slashdotters in the military? (Score:3, Funny)
--I find your lack of faith in theatre-goers... Disturbing.
Re:slashdotters in the military? (Score:4, Informative)
It seems like YOU can't figure out what you're talking about.
Re:slashdotters in the military? (Score:3, Funny)
You sound like a typical "I installed ipchains on my Linux box so I am a firewall admin" n00b. Ever hear of proxy firewalls? Sheesh.
Re:slashdotters in the military? (Score:3, Informative)
Re:slashdotters in the military? (Score:5, Informative)
Um, no. It is possible for a firewall to exist such that if you connect to it on port 25, and you're authorized to talk to that site's mail server, it passes your packets through the firewall and on to the mail server. If you are not authorized, it either drops your packets on the floor, or respond with a message such as this one. 421 is the RFC822 code for "service not available". Just because a machine answers on 25 does not mean it's a "mail server" (tm). What it's saying is "I am not going to provide mail service to you because I don't know your IP address." 'Mail service" simply means "access to some sort of MTA". It does not imply that the machine is in fact a mail server masquerading as a firewall. There are such things a proxy firewalls, and that's clearly what this is.
Re:slashdotters in the military? (Score:5, Informative)
Its an SMTP proxy; if you try to connect to the firewall or an SMTP server on the far side of it on port 25 (or other configured ports) and there's no rule allowing it, you get this message.
Blocking all email? (Score:2)
Re:Blocking all email? (Score:2)
Re:slashdotters in the military? (Score:3, Informative)
It was closed when I hit it. Can't say how long it had been in that state, hence my speculative subject line.
This is a good thing! (Score:5, Funny)
That will slow down the PRC armies long enough for us to convince them that they don't really need Tawian and should focus on switching over to an economy based on turkey guts [slashdot.org].
Evangelizing turkey guts since mid-2003.
Re:This is a good thing! (Score:2)
What a cash cow! With their average length, that market must be screaming for this product.
(Sorry, couldn't resist)
Text of the Article (Score:5, Informative)
(Landing Craft Air Cushion vehicle), the "Triple A-V" (AAAV -
Advanced Amphibious Assault Vehicle) and the MV-22 (Osprey
tiltrotor aircraft),
and (apparently) spammers in Guandong. Rd China.
Furthermore, San Antonio incorporates the latest quality of life
standards for the embarked Marines and sailors, including the sit-up
berth, ship services mall, a fitness center and learning resource
center/electronic classroom
and Unsolicited Bulk E-Mail.
Of course, it's possible that one of the OTHER eleven ships, still under
construction, is the Avondale, LA dot-MIL spam relay, or trojaned boat,
or some nice-and-secure Windows box in the construction drydocks, running
Microsoft Exchange Internet Mail Service Version 5.5.2653.13
But doesn't it make all Americans feel all fuzzy and secure that a
Red Chinese spammer can abuse a US Naval Vessel of one of the newest
designs, to relay his "business proposition"?
Perhaps it's tied to the USS Green Bay, instead? or USS New Orleans?
http://www.navsea.navy.mil/newswire_content.asp?tx tDataID=8963&txtTypeID=2
The USS Mesa Verde, seems to be in Mississippi, instead
http://www.navsea.navy.mil/newswire_content.asp?tx tDataID=8663&txtTypeID=2
But the E-Mail headers finger the USS San Antonio, LPD 17, already
christened, and due for commissioning some time this coming year.
LPD 17 Looks Like a "Gator"
http://www.navsea.navy.mil/newswire_content.asp?tx tDataID=8596&txtTypeID=2
but from here, it just looks like another spammer.
[SPECIMEN]
H: Return-Path:
H: Received: from avnavfw.lpd17.navsea.navy.mil
H: (avnavfw.pms317.navy.mil [05.67.231.235])
H: by mail.gtcs.com (8.12.10/8.11.3/gtcs-6.3.8) with SMTP
H: id hBG65HO8091853
H: for ; Mon, 15 Dec 2003 23:06:39 -0700 (MST)
H: (envelope-from: )
H: X-Authentication-Warning: serv.gtcs.com: Host
H: avnavfw.pms317.navy.mil [205.67.231.235]
H: claimed to be avnavfw.lpd17.navsea.navy.mil
H: Received: from no.name.available by anavfw.lpd17.navsea.navy.mil
H: via smtpd (for [209.181.16.1]) with SMTP; 16 Dec 2003 05:53:08 UT
H: Received: from avnavfw.AVONDALE (205.67.231.5 [205.67.231.5]) by
H: swn-email.lpd17.navy.mil with SMTP (Microsoft Exchange Internet Mail
H: Service Version 5.5.2653.13)
H: id YY2BDP4P; Tue, 16 Dec 2003 00:07:28 -0600
H: From: "HuatonE-ScooterCo.,Ltd"
H: Received: from [61.145.234.62] by avnavfw.AVONDALE
H: via smtpd (for [205.66.99.30]) with SMTP; 16 Dec 2003 05:51:47 UT
H: Subject: Re.About our new product
H: Content-Type: text/html
H: Date: Tue, 16 Dec 2003 13:57:41 +0800
H: X-Priority: 3
[extract from HTML body]
B: Our company specializes in exporting electric & gas scooters, which
B: are most popular with our customers at home and abroad. Now we are
B: writing to offer you an opportunity to develop a mutual trade. If
B: you are interested in establishing business relations with us, please
B: let us know your requirements. Then we would like to forward catalogues
B: as well as detailed information to you, and offer the best price to
B: you. We assure you of our best attention to your any inquiries.
B: We anticipate your early response in respect.
B: Huaton E-scooter Co., Ltd.
B: Room.B-202,Building Si-Hai-Ming-Yuan
B: Burg Weiji,Zone Gongbei
B: City Zhuhai 519020
B: Province Kwangtung,China
B: Tel:86-756-821-6922
B: Fax:86-756-888-3037
Spam support by:
The US Navy, Avondale Lousiana Shipyard, Frewall, a
San Antonio has NOT been compromised (Score:5, Informative)
Re:San Antonio has NOT been compromised (Score:5, Funny)
I think the proper terminology in this case would be, "I hate to torpedo part of a good story."
Then again... maybe not.
Re:San Antonio has NOT been compromised (Score:2)
I was gonna say something funny, but this thread is so bad, I just said frigate.
Re:San Antonio has NOT been compromised (Score:5, Informative)
I spent a year on ship, and sent/received email, surfed the web, and filed my maintainance reports and supply requests from the same pc. There was limits on what we could do, but we were definitely connected to the net.
Special. (Score:5, Interesting)
Re:Special. (Score:5, Insightful)
Re:Special. (Score:5, Insightful)
Any sensitve IP communications are handled over SIPRNET, which is never (or should never be) connected to NIPRNET.
Re:Special. (Score:2)
I've heard (Score:2, Funny)
At least .mil servers are good at relaying spam... (Score:5, Funny)
Someone want to post the article?
Secure chat rooms, unsecure email (Score:3, Interesting)
Apparently they missed securing their email server. I wonder if keelhauling is still allowed.
What was that grade again..... (Score:4, Interesting)
for network security?
As soon as.. (Score:5, Interesting)
Then I RTFA'ed. Pretty sad that military servers are compromised by nothing other than some stupid spammers. Makes you think what Chinese or other rogue government sponsored hackers could do to our systems if we even went to war with them....
The next war, if we fight it with a non african or Middle Eastern country, is going to involve cyber assualts. Hope the Pentagon is going to firm up their defenses more, both electronically and physically. Maybe they can even get the services of Akamai; they're practically DDOS-proof.
Re:As soon as.. (Score:2)
Re:As soon as.. (Score:4, Informative)
Derek
Not to worry (Score:2)
Amphi? (Score:2)
Or is it what it transport that is amphibious?
Talk about ambiguous!
Re:Amphi? (Score:5, Informative)
For more information on these ships, see
Re:Amphi? (Score:2)
Now the Chinese can relay their spam through U.S. military naval vessels.
So which U.S. Naval vessels aren't military?
Re:Amphi? (Score:2)
So which U.S. Naval vessels aren't military?
Or: witch military vessels aren't naval?
Re:which military vessels aren't naval? (Score:3, Informative)
The Army Transportation Corps (wo)man the tugboats. They handle the ship to shore transport of equipment and supplies.
Not sure of the numbers now, but back in the 80s, the US Army has more watercraft than the Navy, more aircraft than the Airforce, and more grunts than the Marines.
Check FAS.org [fas.org] for more info on the "Army's navy"
Another good place for information on the Transportation corps is Ft Eustis [army.mil]
Re:Amphi? (Score:2, Informative)
Wasteful military spending (Score:5, Funny)
---Okay, so it wouldn't be amphibious.
Re:Wasteful military spending (Score:2)
I do not like it, Sam I Am... (Score:5, Funny)
I do not like it from a boat
I do not like it from a goat
I don't need a huge torpedo
I don't need help with my libido
I do not like it from Chinese
I do not like it, stop it, please!
I do not like unsolicited Spam,
So please REMOVE ME Sam I Am!
Re:I do not like it, Sam I Am... (Score:3, Funny)
Just a server with a ship name? (Score:2, Insightful)
Dear Fellow White Hat Hacker... (Score:2)
Specially if you live near a coast.
Simple Spam Solution... (Score:3, Funny)
Why not just buy a scooter from the guy - then they will stop emailing you.
Seriously though, it seems to be questionable if any military network was actually compromised...
zerg (Score:2, Insightful)
I mean, seriously, spam costs money, right? It doesn't cost the spammers anything, but the compromised relays must be losing out from cost of bandwidth and deterioration of service, rig
this thing supports LCACs and Ospreys? (Score:2, Funny)
Saw it Coming, but no one listened (Score:3, Interesting)
I told the Officers that if we get Microsoft servers, we will have nothing but cracking and virus infections on the servers. No one wanted to listen. Microsoft pretty much snowballed them and sold them a bill of goods that are leaving the military open to attacks.
I can bet that someone loses their job over this one. I just hope it isn't a person who turns out to be a fall guy.
spammers move offshore (Score:3, Funny)
DON'T LET THE ARMY OR AIRFORCE FIND OUT!!! (Score:3, Funny)
They'll want bigger faster spam relays!!
Eh? (Score:2)
Theft of service? (Score:2)
Tell it to the marines. (Score:2)
Angry email user: You damn spammers flooded my inbox making me miss my kids email.
Spammer: tell it to the marines.
Angry email user: WE ARE THE MARINES!
Spammer: Oops.
Umh, not exactly... (Score:2)
If anyone's at fault for the open relay, it's probably Northrop Grumman, but I'ld say it's just someone with a Linux box in the ship yard (I'm not gonna scan a
Anyhow, this is likely a non-issue, as the
This i
Re:Had to take a second look (Score:3, Informative)
"The Navy Office of Information is headed by the Chief of Information (CHINFO), a Rear Admiral, who is the direct representative of the Secretary of the Navy and the Chief of Naval Operations for Navy-wide public affairs matters."
Re:Military tortures Saddam (Score:2, Funny)
Re:Military tortures Saddam (Score:3, Insightful)
They may not be risking their lives, but there are a ton of "fake soldiers" who will never be stationed in a war-zone but are absolutely imperative to ensure that "real soldiers" have the best odds of survival possible and the country has the best odds of victory.
Implying that the enlisted men and women who don't serve in combat aren't "real soldiers" is a c
Re:Server suddenly gone (Score:3, Insightful)
1) Spellcheck articles
2) Check for dupes.
Since both of these would be trivial to implement, and both have been suggested thousands of times, I conclude that actually suggestions are not welcome.