[ISN] Hacker Tools Getting Smarter

From: mea culpa (jerichot_private)
Date: Thu Apr 30 1998 - 18:56:26 PDT

  • Next message: mea culpa: "[ISN] IBM Submits New Crypto Scheme"

    Forwarded From: Aleph One <aleph1t_private>
    [ Here is another example of horrible journalism. First what the hell is
    with this term "vandals"? This is nothing more than a trojan. Second
    although the article title would make you think they are talking about
    some new attack the article itself reads more like an ad for eSafe. What
    could not find any other product to compare it to? And lastly our friend
    from AntiOnline has now officially been names a security expert. - a1 ]
       Hacker Tools Getting Smarter 
       Watch Out For Vandals! 
       These are sneaky, sneaky bits of code that seem harmless until
       they come in contact with your computer.
       Shimon Gruper, eSafe Technologies
       By Michael J. Martinez
       S E A T T L E,   April 29 &#0151; The traditional image of a
       hacker&#0151;sweating nervously in front of a computer while battling
       network security programs&#0151;has become a thing of the past, thanks
       to a new generation of smart hacking tools called vandals.
            Most computer security measures are still aimed at real-time
       intrusions&#0151;someone trying to break in using the computer
       equivalent of brute force. Vandals, however, are innocuous looking
       programs that lie in waiting in e-mail and on Web sites.
            &#147;These are sneaky, sneaky bits of code that seem harmless
       until they come in contact with your computer,&#148; says Shimon
       Gruper, founder and chief technology officer of eSafe Technologies.
       &#147;They are very, very popular right now.&#148;
       Hacking the Easy Way 
       What&#146;s the difference between a vandal and other hacker methods?
       Traditionally, hackers had to log on to the network they wanted to
       crack and try to circumvent all the security measures in real time.
       Vandals are let loose into a computer system and forgotten about.
            Sound like a virus? Not really. Viruses are simple bits of code,
       designed to cause mischief or destruction once they enter a system.
       Vandals, on the other hand, can be programmed not only to destroy
       specific items within a network or on a hard drive, but also to bring
       information stored on a computer back to the hacker&#0151;such as the
       passwords to the entire network.
            Defenses against traditional hacks and viruses are relatively
       easy. Firewalls and password protection can stave off most assaults,
       at least until the network&#146;s administrator can be alerted.
       Anti-virus programs are commercially available, and most can readily
       identify any of the 3,000 or so viruses out there today.
            &#147;All of these items have been on the market for years,&#148;
       Gruper says. &#147;But these vandals are different.&#148;
       Watch That Applet! 
       Vandals are hidden within other executable programs, like a Java or
       ActiveX applet in a Web page, or an .exe file sent via e-mail.
       They&#146;re implanted in a system by something as simple as opening a
       Web page or a program attachment in e-mail. They get the info they
       need, cover their tracks, and then send that information back to their
       creator, usually piggy-backed on top of unrelated outgoing e-mail.
            Unfortunately, vandals aren&#146;t caught too often. Like most
       security measures, those designed to catch vandals in the act are
       often outdated within weeks or months.
            Gruper thinks he has a solution. Instead of writing a program to
       clamp down on specific vandals, Gruper&#146;s eSafe Protect program
       sniffs out almost anything that&#146;s out of the ordinary.
            First off, the eSafe program &#147;learns&#148; how you go about
       your computer tasks. It records how you use each application, and how
       each application works. Then, after anywhere from a day to a week, the
       computer digests all of that information and creates a set of
       parameters for &#147;normal&#148; computer use. Any program that
       enters the computer from an outside source will be compared to those
       parameters. Those behaving oddly, in the computer&#146;s perspective,
       will be sealed off and not allowed to affect the rest of the computer.
       Anti-Vandal Software 
       While this approach certainly maximizes safety, and won an
       Editor&#146;s Choice award from PC Magazine, computer security expert
       John Vransevich says it might be just a little too paranoid.
       Vransevich says the eSafe program questioned too many of his computing
       moves, making Web surfing on Java or ActiveX-enhanced pages more than
       a little tiresome.
            &#147;In my mind, for computer security software to be effective,
       and for it to be something that your average person would actually
       use, it should be almost invisible,&#148; Vransevich says. &#147;With
       its constant interruptions, as I&#146;d call them, the software is
       almost annoying, and I think the average user would find themselves
       closing it just so that it would leave them alone.&#148;
            On the other hand, some computer users would rather be safe than
       sorry. [INLINE]
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Dimensional Communications (www.dim.com)

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:52:13 PDT