Return-Path: <sentto-279987-3482-1004128791-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Fri, 26 Oct 2001 13:41:08 -0700 (PDT) Received: (qmail 12664 invoked by uid 510); 26 Oct 2001 20:39:14 -0000 Received: from n9.groups.yahoo.com (216.115.96.59) by 204.181.12.215 with SMTP; 26 Oct 2001 20:39:14 -0000 X-eGroups-Return: sentto-279987-3482-1004128791-fc=all.net@returns.onelist.com Received: from [10.1.1.222] by n9.groups.yahoo.com with NNFMP; 26 Oct 2001 20:39:51 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 26 Oct 2001 20:39:50 -0000 Received: (qmail 64116 invoked from network); 26 Oct 2001 20:39:50 -0000 Received: from unknown (10.1.10.27) by 10.1.1.222 with QMQP; 26 Oct 2001 20:39:50 -0000 Received: from unknown (HELO red.all.net) (65.0.156.78) by mta2 with SMTP; 26 Oct 2001 20:39:50 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id f9QKdwh22512 for iwar@onelist.com; Fri, 26 Oct 2001 13:39:58 -0700 Message-Id: <200110262039.f9QKdwh22512@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 26 Oct 2001 13:39:57 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Routers.surpass.servers.for.hacker.attacks] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Routers surpass servers for hacker attacks By James Middleton, vnunet.com, 10/25/2001 <a href="http://www.vnunet.com/News/1126398">http://www.vnunet.com/News/1126398> As security experts have suspected for some time, denial of service (DoS) attack methods are changing, and this time the heat is on the lowest level of network infrastructure - the routers. A paper released this week by CERT analyses the changes in DoS attack methods and reveals a new twist. Hackers, crackers and cyber-vandals are increasingly getting into routers rather than servers and desktop PCs. The reason? CERT found that router administration was typically sloppier even than the security on servers. The research found that in 2001, advances in intruder automation techniques have led to a steady stream of new self-propagating worms. Some of which, such as Nimda and Code Red, have been used to deploy DoS attack technology. As if this didn't add enough to the problem, the control mechanisms for DDoS (Distrubuted Denial of Service) attack networks are changing to make greater use of Internet Relay Chat (IRC) technology too. CERT also found that the impact of DoS attacks is causing greater collateral damage, boosted by the fact that widespread automated propagation itself has become a vehicle for causing denial of service. The research painted a bleak picture for the future. "Evolution in intruder tools is a long-standing trend and it will continue," said CERT. "And, DoS attacks by their very nature are difficult to defend against and will continue to be an attractive and effective form of attack." The organisation said that automation of attack tool deployment and ease of management will continue to be areas of focused evolution for DoS tools. "It is also likely, at least in the short term, that advancements in DoS attack technology will take shape in the form of protocol-specific attacks, such as attacks on routing protocols, rather than as significant innovations in basic characteristics of packet flooding streams," said CERT. But CERT was not able to provide any solutions to the issues it discusses, instead putting the onus on the users to "evaluate how security policies, procedures, and technologies may need to change to address the current trends in DoS attack technology." "While DoS attack technology continues to evolve, the circumstances enabling attacks have not significantly changed in recent years," said the report. "DoS attacks remain a serious threat to the users, organizations, and infrastructures of the internet." ------------------------ Yahoo! Groups Sponsor ---------------------~--> Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:57 PST