Information Security News mailing list archives

Can't Hack It? Ernst & Young Will Demonstrate


From: William Knowles <wk () C4I ORG>
Date: Sat, 30 Sep 2000 18:45:02 -0500

http://www.newsbytes.com/pubNews/00/155934.html

By Phillip de Wet, ITWeb
JOHANNESBURG, SOUTH AFRICA,
29 Sep 2000, 11:54 AM CST

During October, Ernst & Young (E&Y) aims to teach 60 people to break
into Windows NT and Unix systems, and deface Web sites.

A four-day Counterhack course, to be held in Cape Town and
Johannesburg consecutively, will show corporate citizens with a
responsibility for network security just how open their systems can be
to attack.

"They need to be aware of what hackers do and can do, and they need to
understand their modus operandi," says E&Y sales director Juliet
Lubbe.

Those wanting to attend the course have to go through a screening
process before forking over 7,000 South African rand (about $970) and
also have to sign a legal agreement that they will not use their newly
acquired knowledge for malicious purposes.

The course aims to teach participants to perform attack and
penetration exercises against their own systems on a continuous basis,
says E&Y, and knowledge of specific weaknesses will also motivate
system administrators to stay up to date on the latest exploits.

"There is nothing in here that is rocket science and nothing that is
very difficult to do," said course trainer Justin Williams after a
hands-on demonstration on Windows NT attacks. "It may be a bit more
difficult if your [system] admin is clued up, but not impossible."

The Windows NT segment takes a systematic attack approach, going
through phases of target identification, gathering information about
the target, gaining user access and finally gaining administrative
access. Participants are also referred to Web sites that publish new
exploits and useful cracking tools.

Williams has the usual advice when it comes to penetration prevention
on NT systems: "Install only the services that you really need, have
proper passwords, implement account lockout and the newest fixes. Use
a password validator for user passwords if you have to."

The course also draws on the skills of "reformed hacker" Stieler van
Eeden, who defaced the Web sites of the Johannesburg Stock Exchange
and Computicket, among others, earlier this year. Using the moniker
Akt0r, Van Eeden defaced pages in an effort to find a job in the
security industry. Ernst & Young was happy to oblige.

"There was some concern when we hired him," says Lubbe, "but it was
absolutely the right decision. We have learned a lot from Van Eeden
and he can teach our clients a lot of things."

Counterhack is modeled on similar programs in the US, says E&Y, but
adapted to local conditions. It will be expanded beyond the first two
sessions if interest warrants.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
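
Williams' hardening advice above closes with running a password validator over
user passwords. The Python script below is an added example and is not part of
the article or of E&Y's Counterhack material: it checks candidate passwords
against rules modeled on those Windows NT 4 SP2's passfilt.dll enforced
(minimum length of six, three of the four character classes, no fragment of the
account name or full name), plus a common-password blocklist. The thresholds,
the blocklist and the sample accounts are constructed for illustration.

```python
import re
from typing import Dict, List, Tuple

# Rules modeled on the complexity checks Windows NT 4 SP2's passfilt.dll
# enforced: at least six characters, three of the four character classes,
# and no occurrence of the account name or of a full-name fragment of three
# or more characters. The thresholds are assumptions an admin would tune.
MIN_LENGTH = 6
REQUIRED_CLASSES = 3
MIN_NAME_FRAGMENT = 3

# Constructed stand-in for the wordlist an admin would feed the checker.
COMMON_PASSWORDS = {"password", "letmein", "welcome", "changeme", "qwerty", "secret"}


def character_classes(password: str) -> int:
    """Count how many of upper, lower, digit and symbol appear in the password."""
    patterns = (r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]")
    return sum(1 for p in patterns if re.search(p, password))


def name_fragments(account: str, full_name: str) -> List[str]:
    """Account name plus every full-name token long enough to be worth matching."""
    tokens = [account] + re.split(r"[\s,.\-_]+", full_name)
    return [t.lower() for t in tokens if len(t) >= MIN_NAME_FRAGMENT]


def validate_password(account: str, full_name: str, password: str) -> Tuple[bool, List[str]]:
    """Return (accepted, list of rule violations) for one candidate password."""
    problems: List[str] = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if character_classes(password) < REQUIRED_CLASSES:
        problems.append(f"fewer than {REQUIRED_CLASSES} character classes")
    lowered = password.lower()
    # Case-insensitive substring match, so "Smith99!" is caught for a user Smith.
    for fragment in name_fragments(account, full_name):
        if fragment in lowered:
            problems.append(f"contains name fragment {fragment!r}")
    if lowered in COMMON_PASSWORDS:
        problems.append("appears in the common-password list")
    return (not problems, problems)


def audit_accounts(records: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """Run the validator over a batch of accounts; return only the failures."""
    failures: Dict[str, List[str]] = {}
    for rec in records:
        accepted, problems = validate_password(rec["account"], rec["full_name"], rec["password"])
        if not accepted:
            failures[rec["account"]] = problems
    return failures


# Constructed sample accounts; the passwords are illustrative, not real data.
SAMPLE_ACCOUNTS = [
    {"account": "jsmith", "full_name": "John Smith", "password": "Tr0ub4dor&3"},
    {"account": "jsmith2", "full_name": "Jane Smith", "password": "Smith99!"},
    {"account": "ops", "full_name": "Operations", "password": "abc123"},
    {"account": "backup", "full_name": "Backup Service", "password": "Password"},
]

if __name__ == "__main__":
    for account, problems in audit_accounts(SAMPLE_ACCOUNTS).items():
        print(f"{account}: " + "; ".join(problems))
```

Run stand-alone, the script reports jsmith2, ops and backup as failing and
accepts jsmith. In practice the same rules are better enforced at
password-change time (a password filter on the domain controller) than by a
periodic audit, because an audit only sees hashes unless it is run against
cleartext candidates the way this script is.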
