CRIME FW: [Cyber_threats] Daily News 10/25/02

• Previous message: Andrew Plato: "RE: CRIME Ambiguities in TCP/IP - firewall bypassing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----Original Message-----
From: NIPC Watch [mailto:nipcwatch@private] 
Sent: Friday, October 25, 2002 7:05 AM
To: Cyber Threats
Subject: [Cyber_threats] Daily News 10/25/02

October 24, CNN - FBI seeks to trace massive Net attack - attempt fails to
topple Web. As investigators continued tracking the source of a bid to
topple the heart of the Internet this week, experts said the attack was
neither the most efficient nor likely way to inflict pain on the average Web
surfer. "Most people had no idea this was happening," said Hari
Balakrishnan, a computer science professor at the Massachusetts Institute of
Technology. "If the top five most-visited sites were down, that's when
people will tell you their service was disrupted." And investigators are
hard at work trying to find those responsible, said FBI agent Steven Berry.
Hackers are constantly trying to disrupt the servers where companies,
schools and governments maintain their Web sites by overloading them with
useless information. The 13 servers hit this week -- key to the Internet's
naming system -- are responsible for matching Internet addresses with users'
requests. The attack, which began around 4:45 p.m. EDT Monday, flooded the
13 domain-name service root servers around the world with 30 to 40 times the
normal amount of data. Seven of the servers were affected enough to have
periods of "zero-reachability," according to Web security firm Matrix
NetSystems. It took about an hour for security specialists to enact
defensive measures and restore service. The attack failed to disrupt service
because the data on the 13 key servers is replicated tens of thousands of
times by Internet service providers and other computers around the world.
Source: http://www.cnn.com/2002/TECH/internet/10/23/net.attack/index.html

Virus: #1 Virus in USA: PE_FUNLOVE.4099
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
United States]

Top 10 Target Ports
137(netbios-ns); 80(http); 1433(ms-sql-s); 21(ftp); 25(smtp);
445(microsoft-ds); 1080(socks); 111(sunrpc); 139(netbios-ssn); 135
Source: http://isc.incidents.org/top10.html; Internet Storm Center



_______________________________________________
Cyber_Threats mailing list
Cyber_Threats@listserv
http://listserv.infragard.org/mailman/listinfo/cyber_threats

• Next message: John E Jewkes-AAA0OR-AAA0ID: "Re: CRIME Re: [cisspforum] Hacking the Vote"
• Previous message: Andrew Plato: "RE: CRIME Ambiguities in TCP/IP - firewall bypassing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Oct 25 2002 - 08:11:12 PDT