Information Security News mailing list archives
Hack Attacks Spreading!
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Wed, 6 Oct 1999 15:40:57 -0600
http://www.zdnet.com/pcmag/stories/opinions/0,7802,2347362,00.html Hack Attacks Spreading! By John C. Dvorak October 4, 1999 Recently, I installed a new personal firewall system called BlackICE Defender ($39.95 from Network ICE) on my computers. It represents a new generation of software that I highly recommend for anyone who now has a constant connection to the Web via a cable modem or a DSL line. Why? Well, here's what BlackICE told me was happening to my DSL-connected PC in the first 24 hours I had the software loaded: five Telnet port probes to see if I had an attackable Telnet server running; three SOCKS port probes to see if I had a SOCKS server available; two Netbus probes to see if I had been infected with the Netbus Trojan Horse (which would allow my system to be exploited remotely); and finally, one Smurf attack, which would use my system along with many others to ping a target server to death. The suspected Smurf attack came from an @Home user. I have his IP address (although this could be spoofed) and other information on him, too, if the @Home folks are interested in hearing more. (This is a test to see if they care--I suspect they don't). If anyone thinks that this Wild West of networking is a healthy environment for e-commerce, think again. Huge Web sites are brought down by denial-of-service attacks every day. It's a mess, and no operating system is immune. Most of the attacks are generated with software that's readily available on various hacker sites such as WarForge and CyberArmy. This is where teenagers go to grab a quick attack package to harass people who won't date them. I'd advise the computer-using public to become familiar with the thinking behind such sites and see for themselves the kinds of tricks the sites promote. Note, however, that only a few hackers are good enough to cover their tracks completely, and many attacks can eventually be traced to the originator. But who's bothering to track them all down when millions of attacks or probes looking for weakness take place every day? Law enforcement has an interesting dilemma. Should it make an example out of a few hackers picked out of the crowd? Or should it leave the small fry alone and concentrate on nabbing more serious hackers? Making an example out of a few punks can have two effects: It can cut down on the number of casual attacks, but it may also improve the hiding skills of more serious hackers. The presence of law enforcement patrols ups the ante. [snip..] ISN is sponsored by Security-Focus.COM
Current thread:
- Hack Attacks Spreading! mea culpa (Oct 08)