Information Security News mailing list archives

Hack Attacks Spreading!


From: mea culpa <jericho () DIMENSIONAL COM>
Date: Wed, 6 Oct 1999 15:40:57 -0600

http://www.zdnet.com/pcmag/stories/opinions/0,7802,2347362,00.html

Hack Attacks Spreading!

By John C. Dvorak
October 4, 1999

Recently, I installed a new personal firewall system called BlackICE
Defender ($39.95 from Network ICE) on my computers. It represents a new
generation of software that I highly recommend for anyone who now has a
constant connection to the Web via a cable modem or a DSL line.

Why? Well, here's what BlackICE told me was happening to my DSL-connected
PC in the first 24 hours I had the software loaded: five Telnet port
probes to see if I had an attackable Telnet server running; three SOCKS
port probes to see if I had a SOCKS server available; two Netbus probes to
see if I had been infected with the Netbus Trojan Horse (which would allow
my system to be exploited remotely); and finally, one Smurf attack, which
would use my system along with many others to ping a target server to
death. The suspected Smurf attack came from an @Home user. I have his IP
address (although this could be spoofed) and other information on him,
too, if the @Home folks are interested in hearing more. (This is a test to
see if they care--I suspect they don't).

If anyone thinks that this Wild West of networking is a healthy
environment for e-commerce, think again. Huge Web sites are brought down
by denial-of-service attacks every day. It's a mess, and no operating
system is immune. Most of the attacks are generated with software that's
readily available on various hacker sites such as WarForge and CyberArmy.
This is where teenagers go to grab a quick attack package to harass people
who won't date them. I'd advise the computer-using public to become
familiar with the thinking behind such sites and see for themselves the
kinds of tricks the sites promote.

Note, however, that only a few hackers are good enough to cover their
tracks completely, and many attacks can eventually be traced to the
originator. But who's bothering to track them all down when millions of
attacks or probes looking for weakness take place every day?

Law enforcement has an interesting dilemma. Should it make an example out
of a few hackers picked out of the crowd? Or should it leave the small fry
alone and concentrate on nabbing more serious hackers? Making an example
out of a few punks can have two effects: It can cut down on the number of
casual attacks, but it may also improve the hiding skills of more serious
hackers. The presence of law enforcement patrols ups the ante.

[snip..]
