|
<<
^
>>
Date: 1999-12-24
Wetterlage: Ping-Fluten zu Neujahr
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Es schaut sehr danach aus, als würden da gewisse
Vorbereitungen getroffen, um die wieder in Mode
gekommenen Ping-Attacken zur Jahreswende einer
dezentralen, aber konzertierten Anwendung zu zuführen.
post/scrypt: Dem p.t. Publikum der Liste sei ein vom
saison/bedingten Wahnsinn möglichst wenig berührter Abend
hiemit herbeigewünscht.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
[...]
A new version of a malicious program called the
Tribe Flood Network (TFN) is more powerful and
harder to detect than an earlier version,
according to experts. And an updated sister
program called Trinoo is due to be released next
week.
[...]
The program works like this: A TFN attacker
secretly embeds software into hundreds of
computers. Then, at a selected time, a command is
issued that prompts the infected computers to
swamp a target Web site or server with messages in
a method of attack called "denial of service." The
program doesn't damage the "infected" computers or
the target, but the sudden flood of messages
typically knocks out the target system.
[...]
This fundamental vulnerability of networked
computers makes protecting against denial-of-
service attacks extremely difficult.
The existence of TFN was reported earlier this
week. The new variant, called TFN2K, is
potentially more dangerous in that it can enlist
machines based on both the Windows NT and Unix
operating systems to deliver the flood of
messages, according to Gia Threatte of the Packet
Storm Web site, which publishes security-related
software so system administrators can protect
against attacks and intrusions.
TFN2K also adds the ability to act on a single
command, a stealthier mode of operation than the
previous version (which required the controller to
send a password), and encrypts communications,
making the infecting messages harder to detect,
Threatte said.
[...]
The purported author of the TFN family, who goes
by the name "Mixter," sent a version of TFN2K to
Packet Storm. Packet Storm said it also expects a
new version of Trinoo from Mixter.
With the new software being released now and the
"2K" allusion to the new year in the name of the
program, it appears that a computer attack could
occur during the holidays.
[...]
CERT has warned, "We are receiving reports of
intruders compromising machines and installing
distributed systems used for launching packet-
flooding denial-of-service attacks." CERT said
that attackers generally gained unauthorized
access to these computers through well-known
weaknesses, reinforcing the message that system
administrators must stay up-to-date on keeping
their systems secure.
[...]
Full Story
<http://news.cnet.com/category/0-1003-200-1504709.html>
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
relayed by [email protected] via mea culpa
<[email protected]>
-.- -.-. --.-
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by
published on: 1999-12-24
comments to [email protected]
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<
^
>>
|
|
|
|