Return-Path: <sentto-279987-4328-1011255960-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Thu, 17 Jan 2002 00:27:09 -0800 (PST) Received: (qmail 32597 invoked by uid 510); 17 Jan 2002 08:26:07 -0000 Received: from n10.groups.yahoo.com (216.115.96.60) by all.net with SMTP; 17 Jan 2002 08:26:07 -0000 X-eGroups-Return: sentto-279987-4328-1011255960-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.164] by n10.groups.yahoo.com with NNFMP; 17 Jan 2002 08:26:00 -0000 Received: (qmail 44544 invoked from network); 17 Jan 2002 08:25:59 -0000 Received: from unknown (216.115.97.172) by m10.grp.snv.yahoo.com with QMQP; 17 Jan 2002 08:25:59 -0000 Received: from unknown (HELO n18.groups.yahoo.com) (216.115.96.68) by mta2.grp.snv.yahoo.com with SMTP; 17 Jan 2002 08:25:59 -0000 X-eGroups-Return: torben@net.Hawaii.Edu Received: from [216.115.96.134] by n18.groups.yahoo.com with NNFMP; 17 Jan 2002 08:26:09 -0000 X-eGroups-Approved-By: fcallnet <fc@all.net> via web; 17 Jan 2002 08:25:56 -0000 X-Sender: torben@net.Hawaii.Edu X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-8_0_0_1); 26 Oct 2001 20:57:46 -0000 Received: (qmail 68081 invoked from network); 26 Oct 2001 20:57:45 -0000 Received: from unknown (10.1.10.27) by 10.1.1.221 with QMQP; 26 Oct 2001 20:57:45 -0000 Received: from unknown (HELO janus.net.hawaii.edu) (132.160.3.50) by mta2 with SMTP; 26 Oct 2001 20:57:45 -0000 Received: from flopsy (flopsy.net.hawaii.edu [132.160.3.39]) by janus.net.hawaii.edu (8.10.2/8.9.3) with ESMTP id f9QKveu06655; Fri, 26 Oct 2001 10:57:40 -1000 To: <iwar@yahoogroups.com>, "'Information Warfare Mailing List'" <iwar@onelist.com> Organization: University of Hawaii Message-ID: <000701c15e60$da1587c0$2703a084@flopsy> X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3311 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <200110262039.f9QKdwh22512@red.all.net> From: "Torben Noerup Nielsen" <torben@net.Hawaii.Edu> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 26 Oct 2001 10:57:41 -1000 Subject: RE: [iwar] [fc:Routers.surpass.servers.for.hacker.attacks] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Unsubscribe -----Original Message----- From: Fred Cohen [mailto:fc@all.net] Sent: Friday, October 26, 2001 10:40 To: Information Warfare Mailing List Subject: [iwar] [fc:Routers.surpass.servers.for.hacker.attacks] Routers surpass servers for hacker attacks By James Middleton, vnunet.com, 10/25/2001 <a href="http://www.vnunet.com/News/1126398">http://www.vnunet.com/News/112 6398</a> As security experts have suspected for some time, denial of service (DoS) attack methods are changing, and this time the heat is on the lowest level of network infrastructure - the routers. A paper released this week by CERT analyses the changes in DoS attack methods and reveals a new twist. Hackers, crackers and cyber-vandals are increasingly getting into routers rather than servers and desktop PCs. The reason? CERT found that router administration was typically sloppier even than the security on servers. The research found that in 2001, advances in intruder automation techniques have led to a steady stream of new self-propagating worms. Some of which, such as Nimda and Code Red, have been used to deploy DoS attack technology. As if this didn't add enough to the problem, the control mechanisms for DDoS (Distrubuted Denial of Service) attack networks are changing to make greater use of Internet Relay Chat (IRC) technology too. CERT also found that the impact of DoS attacks is causing greater collateral damage, boosted by the fact that widespread automated propagation itself has become a vehicle for causing denial of service. The research painted a bleak picture for the future. "Evolution in intruder tools is a long-standing trend and it will continue," said CERT. "And, DoS attacks by their very nature are difficult to defend against and will continue to be an attractive and effective form of attack." The organisation said that automation of attack tool deployment and ease of management will continue to be areas of focused evolution for DoS tools. "It is also likely, at least in the short term, that advancements in DoS attack technology will take shape in the form of protocol-specific attacks, such as attacks on routing protocols, rather than as significant innovations in basic characteristics of packet flooding streams," said CERT. But CERT was not able to provide any solutions to the issues it discusses, instead putting the onus on the users to "evaluate how security policies, procedures, and technologies may need to change to address the current trends in DoS attack technology." "While DoS attack technology continues to evolve, the circumstances enabling attacks have not significantly changed in recent years," said the report. "DoS attacks remain a serious threat to the users, organizations, and infrastructures of the internet." ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ ------------------------ Yahoo! Groups Sponsor ---------------------~--> Sponsored by VeriSign - The Value of Trust Do you need to encrypt all your online transactions? Find the perfect solution in this FREE Guide from VeriSign. http://us.click.yahoo.com/vCuuSA/UdiDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST