[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Network Cracking Turns Meaner With Fracking ...
From: mea culpa <jericho () dimensional ! com>
Date: 1998-05-30 9:34:47
[Download RAW message or body]
Forwarded From: Nicholas Charles Brawn <ncb05@uow.edu.au>
[Only a few gripes with this article. :)
Firstly, I believe the commonly accepted term for a "phone hacker" was a
phreak, not as this article suggests, a "fracker".
Secondly, I believe the term "cypherpunk" is the accepted description for
someone who is a "specialist in cracking cryptographic algorithms",
though that might be smearing the term somewhat.
Sounds like they're trying to whip up some new buzzwords. :) -Nick]
WELLESLEY, MASSACHUSETTS, U.S.A., 1998 MAY 28 (Newsbytes) -- By
Jacqueline Emigh, Newsbytes. Network "cracking" is evolving in a more
malicious direction, while adding specialty areas like "fracking" and
"crypting" in the process, said a member of a new anti-cracking unit at
Cambridge Technology Partners (CTP), during CTP's "New Hack Tour."
Really, "cracker" -- rather than "hacker" -- is the word to use in
describing individuals who break into networks, said Wyly Wade of CTP's
Enterprise Security Systems Group, during a meeting with Newsbytes at the
CTP-sponsored conference. "Hacker" actually refers to anyone who writes
program code, even an end user who scripts Microsoft Word macros, Wade
told Newsbytes.
Emerging derivatives of the term "cracker" include "fracker," meaning a
person who breaks into phone networks, and "crypter," a specialist in
cracking cryptographic algorithms, Wade added.
The earliest crackers engaged in the practice for "humanitarian"
reasons, such as the desire to help companies build better products,
according to Wade. The humanitarians were the joined by those who cracked
networks to "further the free exchange of information."
Later on came groups like the PLO, which breaks into networks "purely
for profit;" and finally, people whose motives are entirely malicious.
Many of the newest breed of crackers are kids who are unaware of
cracking's roots, said Wade, one of eight members of a new anti- cracking
Internet security team at CTP.
CTP, a systems integration and software development specialist based in
Cambridge, Massachusetts, formed the new group, known as "Core," in
response to customer requests. CTP takes a "partnering" stance with its
customers, meeting whatever IT (information technology) requirements need
to be addressed, Wade maintained.
With Internet security a rising concern among customers, the new "Core"
group stays about a year ahead of the industry at large in keeping on top
of new security threats, Newsbytes was told.
The job is challenging, because new "incursions," or security holes,
keep showing up every day, according to Wade.
A few of the more popular methods of cracking being discussed at this
week's conference include the FTP (file transfer protocol) bounce attack,
protocol tunneling, and tactics such as SYN flooding, which result in
"denial of service."
In the FTP bounce attack, crackers manipulate FTP PASV mode, using PORT
and QUOTE to send scripts that allow them to gain access to unauthorized
FTP servers, speakers said during conference sessions. Protocol tunneling
calls for encapsulating, or hiding, one protocol inside of another, such
as a telnet inside a ping request.
Many tactics can be used to bring denial of service, including SYN
flooding, ghost routing, and service loops, for instance. In this type of
attack, users typically do not even realize a server has been hit, instead
believing that the server must be busy, or down for maintenance, for
example.
Wade pointed out that new viruses continue to fester, as well. Viruses
are already showing up in the 32-bit environment, although some people
said this would never happen. And these perennials of cyberspace are
certain to land on new 64-bit platforms, as well, Wade predicted.
Cambridge Technology Partners is located at http://www.ctp.com on the
World Wide Web.
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic