NASA blocked 1.5 million internet users from one of its websites for two days, after the agency detected unauthorized users electronically scanning its computers, according to postings on an internal NASA message board that were obtained by SPACE.com.
Subscribers to @Home cable-modem service could not reach the home page of the Jet Propulsion Laboratory (JPL), NASA's center for robotic exploration of the solar system, from July 10 to July 12 because system administrators detected that the possibly malicious scans were coming from a user from that internet service provider, according to the postings.
Port scans check the various entryways onto a computer server and are used by hackers who are looking for weaknesses on an organization's computer system. The port scans were apparently seeking ways to enter an FTP server, which controls access to documents and other files left on a server, according to the postings.
A spokeswoman for Excite@Home, which provides the @Home service, said that it has suspended or canceled the accounts of two @Home subscribers who were identified as the people conducting the scans.
In an interview, the spokeswoman, Alison Bowman, read e-mail messages she received from NASA that said the space agency considers port scans a "precursor" to attempts at unauthorized access to their servers.
Bowman also read an e-mail message from the space agency that stated that NASA's Langley Research Center in Hampton, Virginia., had also detected "unauthorized access."
NASA took action against all @Home users because the service provider was "unresponsive" to requests to address the situation, according to comments posted to the JPL message board. That kept around 1.5 million users from gaining access to the site.
But on the 12th, the following message was posted on the message board: "We have received a response from @Home that they have taken action on the scans that hit JPL and other NASA centers. With that, we are lifting the traffic block for the @Home address range."
Excerpts from the postings were obtained from a JPL employee with access to the message board, but who requested anonymity.
Peggy Wilhide, NASA's associate administrator for public affairs, declined comment, saying that she could not speak about computer-security issues.
Government websites should be blocked to the public only as a last resort, said Ari Schwartz, a policy analyst for the Center for Democracy and Technology. "Government agencies have public information," Schwartz said. "They shouldn't be shutting down their website to large groups of people when the cause is really a single user, unless they've exhausted all other means first."
JPL's website has been hacked 12 times since 1996, according to
advertisement
