-Caveat Lector- <A HREF="http://www.ctrl.org/">
</A> -Cui Bono?-
http://www.marketwatch.newsalert.com/bin/story?StoryId=ColnPubebDxmTA
gfJA2vYCY1MyMK&FQ=v%25upi&Title=Headlines%20for%3A%20v%25upi%0A
Cyber-attack tool appears in Windows-run systems
United Press International - February 23, 2000 16:34
WASHINGTON, Feb. 23 (UPI) -- The FBI Wednesday was continuing
to warn of a troubling new development in the fight against
cyber-attacks, such as the ones that crippled some of the most
popular sites on the Internet earlier this month.
For the first time, the tools used to launch such attacks have
been found on computer systems using later versions of Windows.
Warnings about the tools, which can be found "in the wild" on
the Internet, were first posted on the Web site of the National
Infrastructure Protection Center on Dec. 30. NIPC is a
multi-agency unit headquartered in the FBI in Washington, and
is the government's front-line defense against cyber-attacks.
But those early warnings involved "distributed denial of
service," or DDOS, tools that could be used to launch attacks
against Solaris-run computers, not those using the more popular
Windows operating system. Those earlier versions were used in
this month's attacks.
However, NIPC is now warning that new tools similar to the
earlier "Trin00" and "Tribe Flood Network" have shown up on
Windows systems.
"NIPC determined that the tool was found on 16 Windows 98
machines on a university network," the agency's latest advisory
says. The advisory was posted last Friday, but is still
available on the unit's Web site.
The FBI did not give details, but the machines are believed to
be in California.
"Denial of service" attacks depend on "packets" or "daemons"
being implanted into "victim" computer systems, turning them
into "zombies." Scores or hundreds of such "zombie" computer
systems can be made to launch an attack on a target without the
knowledge of their operators.
The "zombie" systems essentially send a flood of requests for
information to the target Web site, but provide "spoofed" or
phony return e-mail addresses, locking the sites up for hours
in a futile attempt to answer the requests.
NIPC says before they were nullified, the 16 "infected" Windows
machines were communicating with each other, without the
knowledge of their operators. The unit said it has already
moved to counter the new threat, sending DDOS binaries to
anti-virus vendors so they can modify their software.
Meanwhile, the investigation into the attacks earlier this
month is also continuing. An FBI spokeswoman said Wednesday
that "leads have taken us to Canada," but declined further
comment. A Clinton administration official outside the FBI
confirmed that U.S. agents are working closely with the Royal
Canadian Mounted Police in the hunt for possible suspects.
--
Copyright 2000 by United Press International.
All rights reserved.
© 1997-1999 MarketWatch.com, Inc. All rights reserved.
<A HREF="http://www.ctrl.org/">www.ctrl.org</A>
DECLARATION & DISCLAIMER
==========
CTRL is a discussion & informational exchange list. Proselytizing propagandic
screeds are not allowed. Substance—not soap-boxing! These are sordid matters
and 'conspiracy theory'—with its many half-truths, misdirections and outright
frauds—is used politically by different groups with major and minor effects
spread throughout the spectrum of time and thought. That being said, CTRL
gives no endorsement to the validity of posts, and always suggests to readers;
be wary of what you read. CTRL gives no credence to Holocaust denial and
nazi's need not apply.
Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://home.ease.lsoft.com/archives/CTRL.html
http:[EMAIL PROTECTED]/
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]
To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]
Om
