Bugtraq mailing list archives
Re: Hackers Out of Business?
From: mcn () c3serve c3 lanl gov (Michael Neuman)
Date: Mon, 10 Oct 1994 19:24:40 -0600
From bugtraq-owner () fc net Mon Oct 10 18:20:04 1994 Curious to note tho, is that their system was down after that message was posted for most of the time. Atleast from people Ive talked with, they said they couldnt ping it, nor connect to it, much less try to attack it.
I've pinged it at least once a day for the past 2 weeks, and it hasn't been up once..
o Active defense mechanism - captures intruders: Side- winder has been designed to actively respond to any type of outside attack by a hacker or malicious code. Sidewinder will react to an attack by allowing a system administrator to choose from a range of sophisticated countermeasure strategies: Termi- nate the attacker; Give misleading information; Strike back by identifying the attacker for future prosecution.
I'd *REALLY* like to know what it does to 'identify' the attacker. A finger and and identd call? And who in their right MIND would accept finger or ident returns as prosecutable evidence? Doesn't tcp wrappers provide all of this? Wouldn't a good proxy provide all of this too?
o Content-based message filtering: Sidewinder goes beyond traditional firewalls by incorporating content-based message filtering. Traditional firewalls filter messages based upon the routing address of the message, which can easily be defeated.
Wow, I bet that's slow...
o Easy access to Internet services: Sidewinder provides users with easy, user-friendly, point-and-click menus to access basic Internet services.
Oh great... When the next Mosaic comes out, everyone will have to wait for Sidewinder to sell their easy, user-friendly, point-and-click replacement. Sounds like a great way to make money off of free software.
o One-time sniffless passwords: Sidewinder provides strin gent user authentication with the LOCKout(tm) security software. LOCKout is a highly secure challenge-response identification and authentication system that replaces traditional passwords.
S/Key!
o Defense in depth: With traditional firewall's, once security has been compromised, the entire network is exposed to the intruder. With Sidewinder and it's patented Type Enforcement mechanism, any break-in is limited to the specific assault, and the intruder cannot migrate through the rest of the information infrastructure.
Huh? If an attacker breaks into one machine, he cannot telnet or ftp to another? I assume it does this by content-based filtering. So, what happens if I send email to a friend saying, "Try: ftp ftp.greatcircle.com", will it "terminate me"?
Secure Computing also provides a Security Alert Service to any organization that installs Sidewinder. With this Service, organ- izations are kept informed about current hacker techniques and attack scripts, as well as other potential risks.
"Sidewinder Installation Step 5: Send email to advisories-request () cert org"
"Secure Computing has leveraged heavily off of it's patented Type Enforcement technology, which is currently being used to protect U.S. Government classified networks," said Kevin Sorensen, Director of Marketing for Secure Computing. "These sophisticated security mechanisms have been repackaged into the commercial Sidewinder product."
Protect classified networks from what? No government organization would EVER approve classified networks connected to the Internet. This all sounds like hyped up free software to me. Anyone disagree? -Mike
Current thread:
- Re: Hackers Out of Business? Michael Neuman (Oct 10)
- Re: Hackers Out of Business? Christopher Klaus (Oct 10)
- Strange stuff Craig Presson (Oct 10)
- Re: Hackers Out of Business? Timothy J. Kordas (Oct 10)
- Re: Hackers Out of Business? Doug Siebert (Oct 10)
- <Possible follow-ups>
- Re: Hackers Out of Business? jeromie (Oct 11)
- Re: Hackers Out of Business? Michael Neuman (Oct 14)
- RE: Hackers Out of Business? jeromie (Oct 13)
- Re: Hackers Out of Business? Andrew Molitor (Oct 14)
- Re: Hackers Out of Business? jeromie (Oct 14)
- Re: Hackers Out of Business? J. Adams (Oct 15)
- Re: Hackers Out of Business? Christopher Klaus (Oct 10)