[iwar] Hackers amass new zombie army (fwd)


From: Fred Cohen
From: fc@all.net
To: iwar@egroups.com

Sat, 16 Sep 2000 19:40:07 -0700 (PDT)


fc  Sat Sep 16 19:41:17 2000
Received: from 207.222.214.225
	by localhost with POP3 (fetchmail-5.1.0)
	for fc@localhost (single-drop); Sat, 16 Sep 2000 19:41:17 -0700 (PDT)
Received: by multi33.netcomi.com for fc
 (with Netcom Interactive pop3d (v1.21.1 1998/05/07) Sun Sep 17 02:36:47 2000)
X-From_: sentto-279987-524-969158409-fc=all.net@returns.onelist.com  Sat Sep 16 21:35:46 2000
Received: from ch.egroups.com (ch.egroups.com [208.50.99.226]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id VAA12351 for ; Sat, 16 Sep 2000 21:35:46 -0500
X-eGroups-Return: sentto-279987-524-969158409-fc=all.net@returns.onelist.com
Received: from [10.1.10.35] by ch.egroups.com with NNFMP; 17 Sep 2000 02:40:14 -0000
Received: (qmail 28391 invoked from network); 17 Sep 2000 02:40:08 -0000
Received: from unknown (10.1.10.26) by m1.onelist.org with QMQP; 17 Sep 2000 02:40:08 -0000
Received: from unknown (HELO all.net) (24.1.84.100) by mta1 with SMTP; 17 Sep 2000 02:40:08 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id TAA12746 for iwar@onelist.com; Sat, 16 Sep 2000 19:40:07 -0700
Message-Id: <200009170240.TAA12746@all.net>
To: iwar@egroups.com
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen 
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Sat, 16 Sep 2000 19:40:07 -0700 (PDT)
Reply-To: iwar@egroups.com
Subject: [iwar] Hackers amass new zombie army (fwd)
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

-------------------------- eGroups Sponsor -------------------------~-~>
Thousands of Great Jobs, One Great Location!
Austinatwork.com. Great Jobs, Great Life!
http://click.egroups.com/1/7847/14/_/595019/_/969158409/
---------------------------------------------------------------------_->

 Hackers amass new zombie army 

CERT says attacks pose =91threat to Internet infrastructure=92 

By Bob Sullivan
MSNBC 

Sept. 15 =97 The nation=92s government-funded computer security watchdog=
 issued a warning Friday that computer intruders have taken control of=
 hundreds of computers connected to the Internet. The attackers are in a=
 position to launch a serious attack, according to the CERT Coordination=
 Center, which said that the situation =93poses a significant threat to=
 Internet sites and the Internet infrastructure. =94   

        COMPUTER VANDALS ARE exploiting two fairly common vulnerabilities=
 in Unix computer systems discovered since July. In about 100 cases since=
 then, intruders have used the vulnerabilities to install distributed=
 denial-of-service tools on machines, according to CERT Incident Response=
 Team Leader Kevin Houle. Those tools figured prominently in February=92s=
 well-publicized attacks on big-name Web sites like Yahoo.com, Amazon.com,=
 and CNN.com.

       New reports are coming in at the rate of about two to five per day,=
 he said.

       =93In one incident, we recorded over 560 hosts at 220 Internet sites=
 around the world as being a part of a Tribe Flood Network 2000 DDoS=
 network,=94 Poule said.

       Tribal Flood networks allow a single attacker to control an army of=
 =93zombie=94 computers remotely; the bandwidth of all those computers can=
 then be brought to bear on a single target Web site, =93flooding=94 it=
 with traffic and effectively shutting it down. 

------------------
http://all.net/