# 94-17 Contents Three-Headed Dog Secures Network Firewalls on Display Information Warfare - - Who is the Real Enemy? Department of Information Moving Vehicles in Cyberspace Notice on Distribution 1. The November 1994 edition of "Scientific American" has an article by Jeffrey Schiller entitled "Secure Distributed Computing". Mr. Schiller is the manager of the Massachusetts Institute of Technology's campus computer network, and one of the authors of the Kerberos authentication system. The article provides an overview of Kerberos implementation at MIT, and in particular addresses the ticket-granting service (TGS). Without direct reference to the Cheswick and Bellovin book "Firewalls and Internet Security", the article has a brief discussion on several of the items which the book characterized as "limitations". The intent is obviously to suggest that secure distributed computing is multi-faceted and that Kerberos authors are constanting seeking to enhance it. 2. The October 1994 edition of "Datamation" has a brief overview piece on firewalls entitled "Insulate Against Internet Intruders" written by David Bernstein. While the article is very basic, it does provide reader service card information to obtain data on four vendors engaged in firewall sales and services. 3. The October 1994 edition of AFCEA's "Signal" contains several articles on DoD's perspectives of Information Warfare and on DISA's architecture plans. Since several of the articles are the work of vendors, readers should remember that typically vendors like to sell things, and consequently may not be the most impartial sources on the effectiveness and/or the requirement for a product. 4. The November 1994 edition of the "Communications of the ACM" devotes itself to the topic of "Securing Cyberspace". There are forty pages of articles, to include a viewpoint column by Jay BloomBecker entitled "My Three Computer Criminological Sins". 5. In an effort to reduce mail clutter, and since product evaluations are relegated to an intellectual and professional hobby at this time in my life, I will as of November 1994 issue the product test index and the list of viral infections in commercial/government products on a bimonthly basis. While my viral collection at this point is around 5,750 samples, I would still appreciate receiving samples to continue the evaluation of heuristic anti-viral products, activity monitors, and checksum/signature verification tools. [Disclaimer: Information Systems Security Updates represent the opinions and views of the author, not his employer. Recipients are free to quote all/parts of the ISSU with credit/blame to the author.]