CLOSEOUT MEMORANDUM The Office of Inspector General's (OIG) Office of Audits notified the Office of Investigations that KPMG had detected numerous instances of peer-to-pe& file sharing, via a program cilled "Kazaay7involving PCs within the National Science Foundaion (NSF). KPMG detected the vulnerabilities while conducting external and internal computer penetration testing for NSF. The OIG investigation revealed that Internet Protocol (IP) addresses are assigned dynamically and therefore, may change over time. Due to an agency-wide power outage since the time KPMGdiscovered the peer-to-peer file sharing, it is impossible to determine which PCs had been assigned the IP addresses identified by KPMG at the time KPMG obtained its data. In light of the above, and because the use of peer-to-peer file sharing programs does not violate any existing NSF policies prohibiting the use of such programs, this case is closed. Accordingly, this case is closed.
NSF Employee Misconduct
Published by the National Science Foundation, Office of Inspector General on 2003-09-05.
Below is a raw (and likely hideous) rendition of the original report. (PDF)