Denial of Service Attacks Planned For Christmas - ISS

[William Knowles <wk () C4I ORG>]

http://www.newsbytes.com/news/00/158336.html

By Steve Gold, Newsbytes
ATLANTA, GEORGIA, U.S.A.,
17 Nov 2000, 12:35 PM CST

X-Force, the research and development (R&D) team of Internet Security
Systems [NASDAQ:ISSX] (ISS), has warned that hackers are planning an
online attack-fest this coming Christmas.

The attacks, if they occur, will take the form of distributed denial
of service (DDOS) invasions, a hacker flooding technique used earlier
this year - and since - to effectively flood out a major Web site and
prevent normal users from gaining access, ISS said.

The technique was used in February of this year when Amazon, Buy.com,
CNN Interactive, eBay and a number of other high-profile sites were
downed by hackers, apparently using DDOS applications known as
"Trinoo," "Stacheldraht" and "TFN2K."

ISS was one of the first IT security companies to issue an advisory
over DDOS attacks back in early February, warning Web site managers to
be aware that the offending applications could bring down an
enterprise network or e-commerce site by flooding it with large
amounts of traffic.

In addition, the firm advised that, while there is little that sites
can do to prevent such attacks, companies can take steps to ease the
pain, including assembling an incident response team, tapping
resources from the organization's Internet service provider (ISP) and
the computer emergency response team (CERT) advisory team.

ISS has also advised organizations to establish links with local law
enforcement authorities, so that, if an attack occurs, the appropriate
people can be notified quickly.

A spokesperson for ISS told Newsbytes that the firm has detected a
definite pattern amongst DDOS attacks and, coupled with its knowledge
of the hacker community, is warning major sites to be on alert for
attacks this Christmas.

The need for preparation amongst major Web site operators is great,
the company says; only 10 percent of Web sites with e-commerce
operations have preparations in place.

In parallel with its warning of impending DDOS attacks this Christmas,
ISS has teamed up with NOCpulse, a newly launched provider of
outsourced Internet infrastructure management services, to deliver
managed security services to customers.

As an emerging services provider, NOCpulse plans to add ISS' managed
security service offerings and operational expertise to major
customers,

As a result, ISS says that NOCpulse customers will have access to key
managed security services offerings as well as top notch security
expertise.

Mark Hangen, ISS' general manager of managed security services, said
that NOCpulse represents a new breed of managed service provider (MSP)
that can give companies the information they need to proactively
manage their Internet infrastructure.

Paul Anatinelli, NOCpulse's founder and president, meanwhile, said
that the NOCpulse command center is the first Internet operational
support service (IOSS) designed to give customers full control over
their Internet infrastructure,

ISS' Web site is at http://www.iss.net .

NOCpulse's Web site is at http://www.nocpulse.com .


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".