[iwar] Historical posting
From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com
Mon, Jan 1, 1999
fc Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Mon, Jan 1, 1999
From: Fred Cohen
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting
Mixter: A hunted hacker
A hacker who wrote one of the programs thought to be
responsible for last week's Web attacks is being sought by
the FBI for questioning, said a source knowledgeable with
the investigation. While the source, who asked to remain
unidentified, could not say why the FBI wanted to speak
with the self-proclaimed "white hat" hacker known by the
handle of "Mixter," the coder did write a program known as
the Tribe Flood Network, which could have been used in last
week's Web attacks.
http://www.zdnet.com/zdnn/stories/news/0,4586,2437202,00.html
Web attacks raise security concerns
For Randy Sandone, last week's Internet attacks were a
sober reminder that cyberspace is more fragile than many
people had thought. ``The Web,'' he said, ``is rotten at
its core.'' Sandone, of Argus Systems Group Inc., isn't
alone in his pessimism. Many believe that the Internet
may be growing too fast for security to keep up with
technology. Some security experts believe it's time to
focus on making the Net safer, which could mean
rebuilding much of the underlying infrastructure from
scratch. After all, consumers and businesses now use the
Internet for tasks unforeseen 30 years ago.
http://www.sjmercury.com/svtech/news/breaking/ap/docs/206243l.htm
Web site attacks pit security vs. access
The institutions whose computers were used in last week's
attack on Web sites are scrambling to find ways to stop
the invaders. Last week, the University of California at
Santa Barbara told the FBI it was one of the main hosts
of computers that hackers used to overload CNN.com.
Electronic intruders apparently hacked into a desktop
computer in a research lab to plant software that told
university computers to flood CNN.com with traffic.
http://www.usatoday.com/life/cyber/tech/cth348.htm
Real DoS hack victims weren't Web sites
HERE IS A sobering thought to end this week of hacking attacks:
While attention has focused on the top-name e-commerce sites
that were stunned by the denial of service (DoS) attacks,
thousands of computers with constant Internet access were
compromised to carry out the cyber crimes. Those computers are
most likely in corporate offices, small businesses, universities
and, perhaps, homes with high-speed Internet access. "I can say
with absolute confidence that the vast majority of those
corporations do not know that they have been breached," said Simon
Perry, director of security at Computer Associates International
(CA). In other words, many, if not most, of the computers that
were actually hacked remain compromised. It is worth bearing in
mind, Perry noted, that computers at Yahoo, Amazon.com, eBay, CNN,
and other e-commerce and popular Internet news sites attacked this
week were not the machines that were actually hacked in to.
Instead, hackers got into computers elsewhere and placed Trojan
horses or zombie software in them, which were used to launch the
attacks from those machines -- probably while their users were
going about their business unwittingly.
http://www.infoworld.com/articles/en/xml/00/02/11/000211envictims.xml
DDos degrades the Net
Whether pesky kids -- or the CIA -- are to blame for last
week's high profile distributed denial of service (DDoS)
attacks, it seems all Net users were affected by the online
mischief-making. According to Keynote, which monitors such
things, the Net's performance suffered across the board as
a direct result of the attacks on Amazon, CNN et al. In
particular, Keynote claims many sites were affected,
including those which were not direct targets of the attacks.
http://www.theregister.co.uk/000214-000019.html
Hacker probe widens as Canada attacked
The RCMP has been called in to join an international investigation
of hackers vandalizing commercial Web sites, after HMV Canada
revealed yesterday that it, too, was targeted in this week's wave
of cyber attacks. HMV Canada said its Web site was knocked out for
about an hour on Monday, apparently by the same group of vandals
that disabled a string of high-profile sites in the U.S. "Our site
was responding really slowly and as we looked into it, we realized
our system was being overwhelmed so we shut it down," said Frank
Koblun, director of consumer e-commerce at HMV. The company
launched its Toronto Web site last July. Mr. Koblun said HMV,
a subsidiary of one of the world's leading music retailers,
is working with the RCMP to try to track down those responsible.
http://www.nationalpost.com/home.asp?f=000212/203105
Hackers paralyse Eurosport Internet site
Hackers on Friday attacked the Internet site of the Eurosport
television channel, eurosport.com, leaving political messages
about NATO and Yugoslavia, the channel said. The hackers also
left a message saying they had not been responsible for recent
attacks against Yahoo, Amazon and CNN. "This attack started at
10:30 a.m. (0930 GMT) and paralysed all connections to our site
for more than three hours," said Laurent-Eric Le Lay, the head
of Eurosport Entreprises. "It was not the first attack suffered
by eurosport.com, but each time the hackers use more advanced
techniques," he said."We are therefore going to strengthen our
security systems."The English-language site, and Eurosport's
German-language eurosport.de, are among the most popular Internet
sports sites in Europe, with 1.3 million "hits" a month.
(No web link available)
Crackers Faked Out DNS To Stymie Web Server, RSA Says
A pair of online pranksters are taking credit for compromising
access to a Web site operated by one of the Internet's highest
profile data security companies. But RSA Security Inc., whose
slogan is "The most trusted name in e-security," claims it is
possible the stunt was accomplished without the crackers going
near its own servers.
http://www.newsbytes.com/pubNews/00/143785.html
http://www.newsbytes.com/pubNews/00/143839.html
FC