Information Security News mailing list archives
Hackers pick security holes
From: InfoSec News <isn () C4I ORG>
Date: Wed, 2 Aug 2000 05:11:43 -0500
http://www.fcw.com/fcw/articles/2000/0731/web-defcon-08-02-00.asp BY Ann Harrison, Computerworld 08/02/2000 RELATED LINKS Feds heard warnings from hackers last weekend in Las Vegas during Def Con 8, which featured workshops on exploitable vulnerabilities, defense strategies and the latest tools for the security community. One of Def Cons most anticipated events was the annual presentation by the Cult of the Dead Cow. The group released the Back Orifice hacking tool at Def Con in 1998 and announced an updated version of the Trojan horse program that targets Microsoft Corp. Windows NT systems at last years conference. The groups tools could be used to attack or defend networks. This year, members of the group offered information on a type of denial-of-service attack that can disable NetBIOS services on Windows machines. NetBIOS is a commonly used network protocol for PC local-area networks. A member of the Cult of the Dead Cow known as Sir Dystic developed a tool called NBName that he said can exploit the NetBIOS hole by rejecting all name-registration requests received by servers on TCP/IP networks. NBName can disable entire LANS and prevent machines from rejoining them, according to Sir Dystic, who said nodes infected by the tool will think that their names already are being used by other machines. "It should be impossible for everyone to figure out what is going on," he added. However, Microsoft Corp. last week posted an advisory on its Web site saying that the company is aware of the potential NetBIOS vulnerability. The company said a patch addressing the problem on Windows 2000 systems can be downloaded now, while others for the various versions of Windows NT 4.0 are due to be released "shortly." Microsoft added that external attacks shouldnt be possible "if normal security practices have been followed" by organizations. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Hackers pick security holes InfoSec News (Aug 02)