RE: [iwar] The Middle East


From: Ozair
From: ozair_rasheed@geocities.com
To: iwar@egroups.com

Sat, 28 Oct 2000 19:28:45 +0500


fc  Sat Oct 28 07:27:16 2000
Received: from 207.222.214.225
	by localhost with POP3 (fetchmail-5.1.0)
	for fc@localhost (single-drop); Sat, 28 Oct 2000 07:27:16 -0700 (PDT)
Received: by multi33.netcomi.com for fc
 (with Netcom Interactive pop3d (v1.21.1 1998/05/07) Sat Oct 28 14:27:11 2000)
X-From_: sentto-279987-713-972743215-fc=all.net@returns.onelist.com  Sat Oct 28 09:26:55 2000
Received: from fh.egroups.com (fh.egroups.com [208.50.144.71]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id JAA10901 for ; Sat, 28 Oct 2000 09:26:55 -0500
X-eGroups-Return: sentto-279987-713-972743215-fc=all.net@returns.onelist.com
Received: from [10.1.10.36] by fh.egroups.com with NNFMP; 28 Oct 2000 14:26:59 -0000
X-Sender: ozair_rasheed@geocities.com
X-Apparently-To: iwar@egroups.com
Received: (EGP: mail-6_2_1); 28 Oct 2000 14:26:55 -0000
Received: (qmail 18205 invoked from network); 28 Oct 2000 14:26:55 -0000
Received: from unknown (10.1.10.142) by m2.onelist.org with QMQP; 28 Oct 2000 14:26:55 -0000
Received: from unknown (HELO relay3.mail.yahoo.com) (128.11.68.112) by mta3 with SMTP; 28 Oct 2000 14:26:54 -0000
Received: from smtp2.mail.yahoo.com (128.11.68.32) by relay3.mail.yahoo.com with SMTP; 28 Oct 2000 07:26:54 -0700
Received: from host-64-110-95-119.interpacket.net (HELO ozair) (64.110.95.119) by smtp.mail.vip.suc.yahoo.com with SMTP; 28 Oct 2000 14:26:51 -0000
X-Apparently-From: 
To: 
Message-ID: 
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
In-Reply-To: <200010281402.HAA16067@all.net>
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
From: "Ozair" 
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Sat, 28 Oct 2000 19:28:45 +0500
Reply-To: iwar@egroups.com
Subject: RE: [iwar] The Middle East
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

It seems that you have presented only one side of the picture. It would be
equitable to point out that unofficial and official sites in Israel are also
using the same methods mentioned below to hack and attack the sites owned by
Hezbollah. This cyber war (or as we call it DoS attacks) are being initiated
by both sides.

Check out the full story at the link below.

http://www.dawn.com/2000/10/28/int2.htm

While commenting on the event itself purely from a technical point of view.
I would say that this is a primitive form of warfare in cyberspace and is
equivalent to choking a guy with bare hands. In time to come we may see a
more advanced form of warfare which may actually be more destructive than
the simple DoS.


Regards,
Ozair


-----Original Message-----
From: Fred Cohen [mailto:fc@all.net]
Sent: ?????, ????? ????? 28, 2000 7:03 PM
To: Information Warfare Mailing List
Subject: [iwar] The Middle East


Subject: E-mail Flooding and Denial of Service (DoS) Attacks


ANSIR E-MAIL - National Infrastructure Protection Center (NIPC), Middle
East E-mail Flooding and Denial of Service (DoS) Attacks (NIPC Advisory
00- 057).

This assessment is intended to advise recipients concerning an increased
level of cyber activity against Web sites related to Israel and
pro-Palestinian organizations.  Due to the credible threat of terrorist
acts in the Middle East region, and the conduct of these web attacks,
recipients should exercise increased vigilance to the possibility that
U.S.  government and private sector Web sites may become potential
targets.  The methods observed in the conduct of these attacks are
transitory in nature, and do not pose a threat of lasting damage to Web
sites.

The recent unrest in the Middle East appears to have been responsible
for an increase in cyber attack activity between sympathizers on both
sides of the tensions.  Known targets have included Web sites operated
by the Israeli government and military as well as Web sites operated by
pro- Palestinian organizations including Hizballah and Hamas.

Numerous Web sites have been found on the Internet that contain messages
advocating cyber attack activity against both Israeli and pro-
Palestinian Web sites, and in some instances include interfaces for
launching automated e-mail flood, ping flood or other DoS attacks.

Methods of attack against Israeli Web sites include automated e-mail
floods and high volumes of coordinated requests for Web services by
pro-Palestinian sympathizers.  Media sources have reported that Web
pages operated by Israel's Foreign Ministry, the Israel Defense Force,
the Prime Minister's Office, and the Treasury have been targeted for DoS
attacks, and some indications are that other unpublicized sites in the
.il domain have experienced similar attacks since hostilities
intensified.  Some of the documented e-mail flood attacks have
reportedly involved users of U.S.  free Web-based e-mail providers
Yahoo! and Hotmail.

While there are currently no indications that any specific U.S.  Web
sites have been or will be targeted as a result of this activity, the
NIPC recommends that recipients of this assessment remain vigilant to
the possibility that there could be some spill-over activity and that
U.S.  sites could become targeted.  In recent days, the overall threat
condition for U.S.  military forces in the Middle East has increased due
to new, credible threats of terrorist acts in the region.  Similarly,
NIPC views the current conditions as creating the possibility for
related cyber attack activity against U.S.  sites.

Information systems security professionals should be prepared to take
recommended preventative measures including, but not limited to the
following: Be prepared to take appropriate steps to limit ping flooding
at border routers.  Be prepared to block source e-mail addresses in the
event of e-mail flooding.  Ensure appropriate patches are installed to
operating systems to limit vulnerability to other DoS attack methods.

Previous NIPC Advisories are available at the NIPC webpage: www.nipc.gov

Recipients are asked to report, actual or suspected, criminal activity
to their local FBI office or to NIPC, and to your military or civilian
computer response group and other law enforcement agencies as
appropriate.

Incidents may be reported online at www.nipc.gov/incident/cirr.htm.

This FBI Awareness of National Security Issues and Response (ANSIR)
communication is intended for corporate security professionals and
others who have requested to receive unclassified national security
advisories.  Individuals who wish to become direct recipients of FBI
ANSIR communications should provide business card information, i.e.
company name, address, phone, fax, etc., to ansir@leo.gov for
processing, with a brief description of the product and/or service
provided by your organization.



------------------
http://all.net/


__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com

-------------------------- eGroups Sponsor -------------------------~-~>
eGroups eLerts
It's Easy. It's Fun. Best of All, it's Free!
http://click.egroups.com/1/9698/14/_/595019/_/972743215/
---------------------------------------------------------------------_->

------------------
http://all.net/