[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


fc  Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
Date: Mon, Jan 1, 1999
From: Fred Cohen 
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting

          

Attacker creates traffic jam on Yahoo
Parts of Yahoo Inc.'s Web site -- one of the most heavily trafficked on the Internet -- were intermittently inaccessible to users for about three hours Monday after an outside attacker created a virtual traffic jam. Beginning about 10:30 a.m., Santa Clara-based Yahoo's routers experienced a "distributed denial of service attack." That means a person or machine was sending packets of data in such volume that it prevented users from accessing parts of the site. A company spokeswoman said the attackers didn't break in and no personal or other information was stolen. She said engineers were still working to identify the person or machine that caused the problem. At 1:30 p.m., Yahoo identified the cause of the problem and installed filters to sift out the mock traffic. http://www.mercurycenter.com/svtech/news/indepth/docs/yahoo020800.htm

FBI talks with Yahoo! about attack
The FBI has contacted Yahoo! to discuss opening an investigation into Monday's denial-of-service attack against the popular Web portal. A meeting is scheduled Tuesday afternoon where the two sides will decide if FBI involvement is appropriate. Additional details were emerging Tuesday about the attack, which took the site offline for approximately three hours Monday. The attack originated from 50 different Internet Protocol addresses, according to the company. Up to 1GB of requests per second flooded Yahoo's routers. http://www.zdnet.com/zdnn/stories/news/0,4586,2434394,00.html

Yahoo Attack Set to Increase E-Vigilance
A tidal wave of false requests drowns the Web's most popular destination. Large sites are likely to take notice. Mondays are always tough -- but this was a particularly bad one at Yahoo. From their disparate points around the Web, a highly coordinated group of e-vandals succeeded in virtually shutting down the giant web site for three hours yesterday, as the company's servers struggled to deal with the hooligans' calculated onslaught of mock information requests, or "smurfing." Users who tried to log on to the site were met with frustration and error messages. http://www.pathfinder.com/time/daily/0,2960,38924-101000208,00.html

Routers Blamed for Yahoo Outage
Most of the Yahoo network was unreachable for three hours on Monday as the company weathered what it described as a widespread malicious attack on its Web sites. Attackers reportedly laid siege to the Internet's second most popular destination at about 10:30 a.m. PST, snarling Yahoo's internal network and denying millions of visitors access to mail, schedules, and the directory service. An engineer at another company that receives Internet access from the same provider, Global Center, told Wired News the outage was due to misconfigured equipment. The person, who asked to remain anonymous, said that his firm also lost connectivity through Global Center's Sunnyvale, California, facility during the same time period due to apparent router problems, not hacker attacks. http://www.wired.com/news/business/0%2C1367%2C34178%2C00.html

Sites hacked with IDs, passwords
The hackers behind a recent series of invasions of government-run Web sites may have gained access to the sites by stealing the user names and passwords belonging to the engineers operating the systems, according to investigation sources. The hackers may have replaced the user names and passwords with new ones after illegally entering computer servers that operate the Web sites. The hackers are also suspected of erasing communications records -- known as logs -- in an attempt to remove information that could help trace them. Currently, specialists and investigators are trying to work out how hackers gained access to the Web site servers. The sites broken into include those run by the Science and Technology Agency and the National Institute for Research and Advancement (NIRA), an affiliate of the Economic Planning Agency. http://www.yomiuri.co.jp/newse/0208cr21.htm

Card data in server makes hacking easy
Loxley checks on work of 'Curador'. Thailand's biggest Internet service provider says hacking of a Thai e-commerce site was made easy as credit card information had been kept in the mail server. A United States-based hacker, known as Curador, claimed he had broken into a leading Thai commercial web site, stolen thousands of card numbers and posted them on the world wide web. Srisakdi Chamonmand, chairman of KSC Group, said card data should never be kept in the server, and should instead be kept on bank computers that were more secure with double "firewalls" to exclude unauthorised intruders. In the US, five small service providers' mail servers had been hacked. However, big e-commerce sites had yet to face the problem as they have direct links with banks for immediate storage of sensitive information. Loxley Information Service is investigating whether its Loxinfo site -- www.shoppingthailand.com -- was the site hacked by Curador. http://www.bangkokpost.com/today/080200_Business03.html

@Stake's pitch: Hackers are your friends
Start-up employs hackers to offer a wide selection of security services. Security start-up @Stake has caused quite a sensation since its recent launch as a professional services firm employing members of the hacker nether world as hired guns sent out to test corporate networks for vulnerabilities. So far, @Stake has no marquee corporate customers willing to state they have actually hired any of the company's two dozen or so hacker employees to give them advice on how to secure their networks, from selecting firewalls and antivirus software to setting up e-commerce applications. These employees include Mudge - the leader of the underground group L0pht - and even more amazingly, Dildog, top dog in the notorious Cult of the Dead Cow (CDC). @Stake says corporate America is bound to buy into the idea that the hacker underground is the best source of independent security consulting you can get. http://www.nwfusion.com/news/2000/0207apps.html

Open fire! Lab launches counterattack vs. hackers
Initiative aims to secure federal computer systems. Eric Thomas hacks into Jason Arnold's computer with a few simple keystrokes, sniffing Arnold's password, hijacking his online session and stealing all the data on his screen. It's easy enough. Thomas launches the attack, an ingeniously malicious script of Czech origin that he's downloaded from the Internet, without Arnold ever knowing what hit him. "I'm watching everything he's doing right now," Thomas says, peering at his computer screen. He types in another command and declares victory: "I've taken over his connection!" As it happens, Thomas and Arnold are seated 10 feet apart here at the northern California branch of Sandia National Laboratory, the nation's best-equipped computer attack simulation center. This is a place where it is quickly apparent that the thrust and parry between cyber-attackers and cyber-defenders has evolved further than non-experts may realize -- and that the defenders are not as hapless as the American public may think. Both Thomas, 20, and Arnold, 18, are students at San Jose State University with a flair for computers. And both are just the type President Clinton had in mind last month when he proposed a national scholarship program to train cyber-security experts in return for four years of public service once they graduate. The two young men are part of the vanguard, already enrolled in Sandia's College Cyber Defenders Program, an initiative of computer security guru Fred Cohen. A principal member of Sandia's technical staff, Cohen, 43, is credited with inventing the computer virus as a graduate student at the University of Southern California in 1983. Like Clinton, he believes the current security environment is more precarious than ever, having spent the past 17 years pioneering defenses against all forms of cyber-attack. http://www.deseretnews.com/dn/view/0,1249,150011773,00.html

Clinton budget seeks to further electronic government, security
President Clinton this morning released his administration's final budget, laced with information technology proposals. Many of them focus on information security and electronic government initiatives. The $1.84 trillion budget for fiscal 2001 noted the windup of year 2000 code fixes -- the No. 1 management priority in last year's budget. "The federal government's acknowledged success through the date change was the direct result of the commitment, long hours and exceptional efforts of federal employees," the budget document said. The task now is to build on those successes, it said. The most obvious addition to the list is IT security. "Protecting information systems that the federal government depends on and that are critical to the economy is growing in importance as society's use of technology and reliance on interconnected computer systems increases," the budget said. "Government agencies must follow the Y2K example in reaching out to private industry to assist and encourage sensible infrastructure protection efforts." http://www.gcn.com/vol1_no1/daily-updates/1297-1.html

Clinton's Wiretap-Heavy Budget
President Clinton's proposed $1.84 trillion budget includes millions of dollars in new spending on technology and law enforcement programs.  The record budget request for the 2001 fiscal year, which begins 1 October, asks Congress for more money for wiretapping, police databases, antitrust enforcement, and computer crime forensics.  One of the heftiest increases, from $15 million to $240 million, will pay telephone companies to rewire their networks to facilitate federal and state wiretapping.  Under the 1994 Communications Assistance to Law Enforcement Act (CALEA), Congress may "reimburse" phone companies for their efforts, but the controversial process is the subject of a lawsuit currently before a federal appeals court.  http://www.wired.com/news/politics/0%2C1283%2C34164%2C00.html

Uncle Sam seeks a few good techies for AF command
The Defense Department is looking for a few good patriotic men and women to become warfighters of the future. Their job: Subdue the enemy by manipulating computer code instead of dropping bombs. Gen. Richard Myers, commander in chief of the Air Force Space Command, made it clear during a recent Pentagon briefing that he's in recruitment mode. Although he rejected the notion that DOD will create an information corps or cybercorps of good-guy hackers, Myers said Air Force and DOD officials are considering creating military occupation specialties that encourage a systems security career path for active-duty personnel. http://www.gcn.com/vol19_no3/dod/1254-1.html

Italy urges truce in U.S.-EU data privacy battle
Italy is seeking a truce in a battle between the European Union and the United States over the sensitive issue of personal data collection over the Internet or other electronic networks. An EU directive on data privacy which came into force last October bars companies from exchanging personal information with firms in countries which have no proper protection of the data. European and U.S. officials have negotiated for more than two years to find a way to guard against the personal data of European consumers or employees of U.S.-based multinationals being freely accessed in the United States. http://www.sjmercury.com/svtech/news/breaking/merc/docs/029971.htm

Yahoo! - Why denial of service (DOS) attacks work
Denial of service attacks are one of the perennial nightmares for system and network administrators. Unlike most attacks there isn't a lot you can do to stop or prevent them. Applying a service patch doesn't always work when 40,000 computers are sending dozens of http requests a second to your webserver. On Monday, Yahoo! was partially knocked offline when one of their routers at a California data center was hammered into the ground by a distributed denial of service attack. Estimates say Yahoo! lost several million dollars (I'm not sure where people get numbers for monetary losses for these sites), but more importantly they have been embarrassed, and it has been proven that they are vulnerable (although investors don't seem to mind, their stock closed up half a buck today). http://securityportal.com/cover/coverstory.html

FC