Blog | News | Jobs
News centre
KnowledgeBANK
More from vnunet.com
ADVERTISEMENT

Deadly hacking tool discovered

Security experts have warned that hackers are developing a distributed denial of service (DDoS) tool that could be even more devastating than those used to paralyse eBay, Yahoo and other major internet sites in February.

By John Leyden 02 May 2000

Security experts have warned that hackers are developing a distributed denial of service (DDoS) tool that could be even more devastating than those used to paralyse eBay, Yahoo and other major internet sites in February.

The tool, called Mstream, joins Trinoo, TFN2K, Stacheldraht and other programs that can be used to launch DDoS attacks.

Using these programs, a hacker can make infected hosts send a series of messages to a target computer. The volume of messages arriving at the same time is enough to overwhelm that server, making a website inaccessible.

Although Mstream is believed to be in the early stages of development, the core engine is more powerful than existing DDoS attack tools, said Dave Dittrich, a University of Washington computer administrator who took part in an analysis of Mstream.

Despite numerous bugs and an incomplete feature set, the tool is still powerful enough to disable a website with only a handful of agents.

"An Mstream agent was discovered in late April 2000 on a compromised Linux system at a major university. This system was identified to be flooding packets using forged source addresses, targeted at over a dozen IP addresses," said Dittrich in a posting to online security website, Packetstorm.

Despite the use of filtering by the university, which meant only a very small number of packets were being launched, "the traffic caused the router [which served 18 subnets] to become non-responsive", Dittrich's posting noted.

"The lesson here is that there is no 'quick fix' to DDoS in the form of simple technical filtering solutions," he said.

Neil Barrett, technical director of security consultant Information Risk Management, said further development of DDoS tools made "a very good case for the introducing of intrusion detection systems with more sophisticated log files".

He said members of the internet community must ensure that their own websites are not compromised or vulnerable to attacks.

DDoS attacks have waned since a series of high-profile assaults in February, but they have not ceased. For example, internet hosting firm AboveNet was attacked last week.

A Canadian teenager, known as Mafiaboy, has been arrested in connection with an attack on CNN's website. However, it is not clear whether he was involved in the other attacks.

See also:

Bloomberg blackmail hacker suspects held
Two alleged hackers from the former Soviet state of Kazakhstan have been arrested in connection with a reported blackmail attempt against financial information service provider Bloomberg.  15 Aug 2000
Hacking the hackers
Chris Rouland and his team pioneer the fight against network hackers. We asked him about the potential dangers posed by open source operating systems and how his team infiltrates known hacking groups.  20 Jun 2000
Safe and secure investments
High-profile security glitches may have made the headlines during recent weeks, but resellers in the IT security market have reason to be thankful for the coverage.  04 May 2000
Defeating denial of service attacks
Denial of service attacks are creating yet another security headache for network managers. Although almost impossible to prevent, there are a number of measures you can take to limit the damage if they do occur.  20 Apr 2000
Bringing the net to its knees: how it was done
The heartbeat of ecommerce skipped a beat with the launch of distributed Denial of Service attacks against some of the world's largest ebusiness sites. But as early as November 1999 there had been reports of intruders installing attack tools on compromised hosts.  24 Feb 2000
Pentagon promises checks while EU works on cybercrime guidelines
The US Defence Department plans to check all of its computers with Internet access to ensure they were not used as unwitting agents in the attacks on a raft of ecommerce sites this week.  11 Feb 2000
FBI calls in experts to tackle web attacks
The FBI is consulting security industry experts to develop ways of detecting and preventing the type of attacks suffered by major websites this week.  11 Feb 2000
More big Net names fall victim to vandalism
Yahoo was not the only site to show how vulnerable the Internet is when it comes to malicious attacks - other big names also fell victim this week.  09 Feb 2000

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story
RELATED ARTICLES

Other websites
Accountancy Age
Active Home
Best Practice
Computeractive
Computing
CRN
Financial Director
Information World Review
Management Consultancy
Personal Computer World
vnunet.com
Useful links: About us . Privacy policy . Terms & conditions . Advertise
UK Subscriptions
Overseas Subscriptions
© Incisive Media Ltd. 2009
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503