[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] neuer Trend: Router-Attacken

To: "Infowar.de" <infowar - de -! - infopeace - de>
Subject: [infowar.de] neuer Trend: Router-Attacken
From: Ralf Bendrath <bendrath -! - zedat - fu-berlin - de>
Date: Thu, 01 Nov 2001 00:16:41 +0100
Organization: http://www.fogis.de
Sender: bendrath -! - zedat - fu-berlin - de

Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
Attacks from the heart of the net

BBC, 10/30/2001
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1627000/1627707.stm

White House website was hit by a denial of service attack As the
security improves on one part of the internet, malicious hackers are
changing their tactics to take advantage of lapses elsewhere.

A report by the Computer Emergency Response Team has revealed that some
computer vandals are now targetting the machines making up the fabric of
the net. 
Some attackers are starting to use routers - devices that pass data
packets around the net - to bombard sites and servers with enormous
amounts of data. 
The report also warns that the pace of attacks is growing, and that
security experts have a ever-shrinking opportunity to close holes or
develop patches. 
Smurfing 
The report traces the development of the methods malicious hackers and
vandals are using to carry out Denial of Service (DoS) attacks on
websites and servers. 
The first DoS attacks took place in February 2000 when popular sites
such as Yahoo, Amazon, eBay and CNN were knocked offline by being
bombarded with bogus data packets. 
At the time anyone wanting to carry out these attacks had to use largely
manual methods to find and compromise machines that could launch data
packets on their behalf. 
The response to these high-profile attacks meant that the tactic used to
generate the net traffic, known as smurfing, became much more difficult
to carry out. 
But as one loophole closed, attackers moved on to develop new methods
and strategies. 
Now tools are available that can automatically scan for vulnerable
machines and infect them. 
Once infected, machines can be made to report their readiness to net
chat services. 
Many attackers co-ordinate the machines under their control via the same
chat channels. 
Intruders 
One new strategy is causing particular alarm. 
"One of the most recent and disturbing trends we have seen is an
increase in intruder compromise and use of routers," said the report. 
Routers are hardware devices that pass data packets around the net. They
are attractive to attackers for very simple reasons. 
"Routers are often less protected by security policy and monitoring
technology than computer systems, enabling intruders to operate with
less chance of being discovered," warn the authors. 
The routers are being used to scan for vulnerable machines, to hide
links to chat channels used to control compromised machines, as well as
to launch streams of data packets. 
The report paints a grim picture of the future and said DoS attacks are
likely to prove "attractive and effective" in the future. 
To make matters worse security experts who protect sites from attack are
getting less and less time to learn about new threats and ways to
counter them. 
The report said: "The window of opportunity between vulnerability
discovery and widespread exploitation, when security fixes or
workarounds can be applied to protect systems, is narrowing."



---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.

Prev by Date: [infowar.de] Intrusion Detection-Daten von der DefCon
Next by Date: [infowar.de] Kritik am Predator UAV
Previous by thread: [infowar.de] Intrusion Detection-Daten von der DefCon
Next by thread: [infowar.de] Kritik am Predator UAV
Index(es):
- Date
- Thread