[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


fc  Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Mon, Jan 1, 1999
From: Fred Cohen 
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting

          

Excite, Possibly AOL, Hit With Hack Attacks
There was another confirmed denial of service attack on a major
Internet e-commerce site Wednesday night, involving the portal
Excite. Meanwhile, a second incident suggests another, as-yet
unconfirmed denial of service outage may have stunted service
from the largest Internet service provider, America Online.
The portal Excite has confirmed for Newsbytes that it was
significantly slowed by another denial-of-service attack for
about an hour, beginning at about 6 p.m. PST. "It's basically
the same attack as the ones that hit all the other Web sites,"
said Kelly Distefano, a spokesperson at ExciteAtHome, the
portal's corporate parent. "It was about a 50 percent drop in
traffic in that time."
http://www.newsbytes.com/pubNews/00/143698.html

A string of "denial of service" attacks temporarily
paralyzed more popular Web sites, including ZDNet and
E*Trade. Among Net experts, the attacks were seen as a
wake-up call -- both to technologists, demonstrating the
need for more reliable systems, and to consumers, as a
warning that risks remain in this still developing medium.
http://www.mercurycenter.com/svtech/news/indepth/docs/hack021000.htm
http://www.washingtonpost.com/wp-dyn/articles/A36093-2000Feb10.html
http://www.nypost.com/news/1034.htm
http://news.bbc.co.uk/hi/english/business/newsid_637000/637781.stm
http://www.wired.com/news/technology/0,1282,34249,00.html
http://www.msnbc.com/news/368183.asp

This week's attacks are serious and they highlight the
vulnerability of the system, but the Net's infrastructure
experts will learn and adjust, says tech columnist Dan
Gillmor.
http://www.mercurycenter.com/svtech/columns/gillmor/docs/dg021000.htm

The FBI takes the lead in the investigation and urges
systems administrators to take precautions so that their
servers can't be used by hackers.
http://www.mercurycenter.com/svtech/news/indepth/docs/hack021000c.htm

Whoever these intruders are, they're not doing the usual
boasting.
http://www.mercurycenter.com/svtech/news/indepth/docs/hack021000b.htm

If they're caught, the culprits likely will face federal,
state and civil charges.
http://www.mercurycenter.com/svtech/news/indepth/docs/hack021000d.htm

For Net security firms, the attacks have a silver lining --
higher stock prices.
http://www.mercurycenter.com/svtech/news/indepth/docs/hack021000e.htm

And among Web surfers, the denial of service attacks were
being seen as just another of the usual daily hassles.
http://www.mercurycenter.com/svtech/news/indepth/docs/hack021000f.htm

FBI seeks private help to solve
The FBI is seeking private help in solving what it calls the
largest computer attack on the Internet in memory -- an assault
on e-commerce sites the bureau says could easily have been
launched by any teen-ager.
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/055992.htm

Internet Cos. To Strengthen Systems
Unnerved by a rash of hacker attacks on the world's leading Web
sites, big Internet companies rushed to strengthen their computer
systems Thursday in a high-tech game of cat-and-mouse with the
phantom perpetrators.
http://www.mercurycenter.com/svtech/news/breaking/ap/docs/197429l.htm

Hackers call Web attacks amateurish
Longtime members of the computer hacker community -- many of
whom are now becoming well-regarded security consultants --
are looking on the recent spate of attacks on World Wide Web
sites with distaste.
http://www.mercurycenter.com/svtech/news/breaking/ap/docs/196563l.htm

Senators Mobilize Against Website Attacks
Responding to the spate of recent attacks against commercial Websites,
a number of legislators are calling for a crackdown on computer crime.
"We might have to pass some legislation to get even tougher" on computer
crime, Senate Judiciary Committee Chairman Orin Hatch, R-Utah, said
Wednesday. Hatch intends to hold a hearing sometime in March to
determine whether current laws give law enforcers the "tools that they
need" to prosecute computer crime offenses, Judiciary Committee
spokesperson Jeanne Lopatto said today.
http://www.newsbytes.com/pubNews/00/143704.html

Recent hacking stirs government response
Responding to this week's spate of Internet hacker attacks,
Commerce Secretary William M. Daley Wednesday emphasized the need
for Congress to appropriate $2 billion for federal government
computer security.
http://www.govexec.com/dailyfed/0200/021000j1.htm

Spread of Attacks on Web Sites Is Slowing Traffic on the Internet
As anonymous assaults on major Web sites continued yesterday,
computer vandals crippled a large online brokerage operation
and a media site. On the third day of what increasingly appeared
to be a well-planned and tightly coordinated siege by a single
individual or group, the impact of the attacks deepened. In
addition to damaging commerce at the sites that have become
targets, the attacks slowed traffic in some portions of the
Internet.
(NY Times article, free registration required)
http://www.nytimes.com/library/tech/00/02/biztech/articles/10web.html

Suspicious Email Takes Credit
This week's denial-of-service attacks on popular Web sites were
intended to send high-flying Internet stocks into freefall,
according to an anonymous email claiming responsibility for the
attacks. An email containing details about the attacks was received
Tuesday evening by Attrition.org, the prominent hacker site that
monitors and archives Web site attacks.
http://www.wired.com/news/politics/0,1283,34256,00.html

New cybersport: Taking out Web sites?
Taking out a Web site may be easier than anyone ever thought.
That's the grim reality facing law enforcement authorities,
especially as the FBI pursues its manhunt for the vandals who
attacked at least eight Internet sites over the past three days.
Indeed, the week's great Web wipeout may only be the first act
in a long-running war of attrition between cybercops and a
subculture of hackers and copycat artists.
http://www.zdnet.com/zdnn/stories/news/0,4586,2435899,00.html

Author of Web attack tool speaks
The Internet has its own sense of irony. While chatting online
with ZDNet about this week's spate of Web attacks, Mixter -- a
self-proclaimed "white-hat" hacker who created the Tribal Flood
Network denial-of-service tool some believe is responsible for
several of those attacks -- was knocked offline by a flood of
data similar to those very same attacks. "It's quite easy,"
Mixter says of the data flood technique used against Yahoo!,
eBay, Buy.com, Amazon.com, CNN, E*Trade, MSN.com and ZDNet.
And the tool allegedly created by the 20-year-old German-based
hacker makes it even easier. The Tribal Flood Network and its
newest version, TFN2K, can implement a denial of service by
flooding servers and routers with a bewildering variety of
different data types. In this exclusive chat interview with
ZDNet, Mixter calls Tribal Flood Network a teaching tool that
points out the holes in the Web. Others consider it a danger.
http://www.zdnet.com/zdnn/stories/news/0,4586,2436358,00.html

Analysis: Who is getting hit -- and why?
While it's individual Web sites--not the data centers where
many sites are hosted--that are the targets of the latest
distributed denial-of-service (DoS) attacks plaguing the Web,
some data-center providers say they are taking proactive steps
to reduce the impact of the problem.
http://www.zdnet.com/zdnn/stories/news/0,4586,2435784,00.html

No reports of new attacks
Several giant Web sites, staggering from a wave of hacker attacks,
regrouped Thursday, as U.S. lawmen sought to track down the source
of the vandalism. The U.S. Justice Department said Thursday a
substantial number of computers were likely involved in the attacks,
but there were no indications the hackers came from outside the
United States. Internet security experts and law enforcement
officials said Thursday morning there were no new reports of
slowdowns and shutdowns that afflicted some major U.S. Web sites
for three straight days, beginning Monday. ``We've received no
new reports overnight,'' said a spokesman from at CERT Coordination
Center, a federally funded research center at Carnegie Mellon
University that tracks security breaches on the Internet.
http://www.zdnet.com/zdnn/stories/news/0,4586,2435970,00.html

Can We Stop the Hack Attacks?
Web sites assess their vulnerabilities in face of cybervandalism.
The primary lesson of the recent spate of denial of service attacks
on Web sites is how to prevent another round.
http://www.pcworld.com/pcwtoday/article/0,1510,15203,00.html

Are government servers responsible for DOS attacks?
Network Associates Inc. Thursday released two updates to its
information security products free of charge that will detect
and remove the underlying vulnerability behind this week's
cyberattacks on commercial Internet sites, a vulnerability
that possibly turned federal agencies into launching points
for the attacks. A security gap in Solaris and Linux-based
servers that allows hackers to place malicious code on a
server without the administrator's knowledge is responsible
for the series of denial-of-service attacks this week against
the Yahoo, eBay, ETrade and Buy.com World Wide Web sites. The
attacking code, in the form of an agent, is placed on many
machines, which then send multiple requests to the victim's
server, essentially flooding the system and forcing
administrators to shut it down. While federal sites have not
yet been attacked in such a manner, many officials are concerned
that agency systems are unwittingly hosting these agents and
are therefore participating in the attack. The FBI, Commerce
Department and the Federal Computer Incident Response Capability
are working with agencies to determine whether their systems are
hosting the agents, and the FBI's National Infrastructure
Protection Center has posted a tool that agencies can download
and run on their systems to detect the code.
http://www.fcw.com/fcw/articles/2000/0207/web-servers-02-10-00.asp

DoD Net Administrators Must Check for Hacker Denial of Service 'Tools'
All DoD network administrators will check their computers and
servers to ensure they're not infected by hacker tools that can
be used for denial of service attacks, DoD officials said Feb. 10.
"We have not felt the attack and we have nothing to suspect that
our systems have been used as agents to make the attack," said
Pentagon spokesman Rear Adm. Craig Quigley during a press
conference. "We think it is a prudent thing to check."
http://www.defenselink.mil/news/Feb2000/n02102000_20002103.html

'Spoofing' hides computer hackers' footprints
The hackers who have managed to temporarily paralyse major websites
this week used a technique known as "spoofing'', which allows them
to commandeer other people's computers to stage massive assaults,
US federal investigators said today. "Basically, they can hide
their identity,'' explained Ron Dick, head of computer
investigations at the National Infrastructure Protection Centre.
"Intruders can use the source address by falsifying, or what they
call spoofing, such that it makes it very difficult for us in law
enforcement to identify exactly where the particular attack is
coming from,'' Dick said. "For example, when we read the address
of where the communication is coming from, it might say it's from
the FBI, when in reality the FBI may not know anything about it.''
The technique is simple. A hacker installs a small program on a
company's computer network. Later the hacker can call up all the
infected computers at once and tell them to send messages to one
website, creating a traffic jam that clogs the site's computers
and prevents almost anyone else from getting in.
http://www.it.fairfax.com.au/breaking/20000210/A10655-2000Feb10.html

EU to draft plan to tackle Internet hackers
The European Commission said Thursday it was drawing up a plan to
fight cyber crime and that a recent wave of hacker attacks on major
Internet sites would spur it to press ahead. ``These attacks create
a clear sense of urgency to tackle this difficult issue as soon as
possible,'' Commission spokesman Per Haugaard told Reuters. Haugaard
said the content of the EU executive's proposals was as yet unclear.
The Commission will be holding a series of meetings with EU member
states and online firms in March to hammer out a policy document.
However, he said it was likely to suggest that law enforcement
authorities be trained in cyber crime prevention techniques and would
aim to bring about improved cross-border cooperation between police
forces within the EU.
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/073164.htm

Surveillance bill under fire
At issue is the burden of proof. The UK Government came under fire
on Thursday from the internet community after it published a Bill
to regulate covert surveillance. The critics say the legislation,
if passed, could lead to innocent people being sent to jail simply
because they have lost their data encryption codes. The Regulation
of Investigatory Powers Bill covers the monitoring and the
interception of communications by law enforcement and security
agencies. It will, for example, lay down the legal rules that must
be followed by the police and security services when they tap
someone's phone.
http://news.bbc.co.uk/hi/english/sci/tech/newsid_638000/638041.stm

Web Service Pinpoints Denial Of Service Attacks
Responding to the recent flurry of incapacitating attacks on
various major Web sites such as Yahoo and eBay, Network
Associates, Inc., has launched a new business-to-business service
called myCIO.com which allows enterprises to click on to the
myCIO.com Web site for a check of their servers' vulnerability.
Businesses just need to enter an e-mail and IP address. MyCIO.com
then reports back as to whether the server is vulnerable to the
receipt of foreign attack codes, and whether any foreign attack
code presently resides and is running on the server.
http://www.newsbytes.com/pubNews/00/143686.html

Pranksters, Or Barbarians At The Gate?
The online world lost some of its utopian allure this week. It's
hardly news that the mouse-click ease of the Internet is underpinned
by highly complicated - and fallible - technology. Sites get clogged,
computer servers break down, viruses stream through networks. Internet
dwellers generally accept these as surmountable forces of digital
nature, like bad weather or a case of the flu. But as the Internet's
most popular Web sites - Amazon, Yahoo, eBay and E-Trade - suffer
systematic muggings from at-large hackers, most users are getting
their first large-scale exposure to cyberbia's more malicious element.
http://www.newsbytes.com/pubNews/00/143650.html