Source: ZDNet
A hacker named Methodic spotted a hole in America Online's instant messaging system, so he penned a program to crash the chat program of any AOL "buddy" he targeted.
Luckily, Methodic wasn't a malicious hacker, and he settled for just proving a point: Instant messaging systems used by millions around the world are vulnerable to the same types of lightning attacks spread by e-mail causing billions of dollars in damages.
Source: Xatrix
The security protocol containing the vulnerability is called Wired Equivalent Privacy (WEP), and it's used to protect local area networks (LANs) employing the 802.11 standard.
WEP contains an algorithm called RC4 that's designed to shield transmissions between a mobile station (for example, a laptop with a wireless Ethernet card) and a base station system.
Trinux.Org, the main site for the linux flavor Trinux, was defaced on Nov.11 (sorry for the somewhat late report). This comes to a surprise because of it's claim as one of the most secure flavors of Unix.
But like many other security oriented sites which have been defaced, their web hosting is sometimes dealt with a totally seperate company, thus not allowing them to administrate the systems themselves. This may, or may not be the case with Trinux.Org. Currently, their site is down. Updates will be made promptly once further information is reported or obtained.
The ProCheckNet security system has been reviewed by SC Magazine and will be run in their January 2002 issue. By all accounts it seems extremely good. The full review can be read at:
http://www.procheckup.com/download/scmag.
Here are some snippets...
I stumbled across this, and I believe it's a must read for everybody who calls himself a hacker, or a newbie... I do NOT say these are my opinions or that this is the truth; however knowledge is power! It's NOT just an old cliche, so you should read this, and the appendixes, too. It's one of the best papers on the subject I have ever read:
Click here to read the article.
COMMENTARY-- Last month, without much fanfare, Carnegie Mellon University's CERT Coordination Center released a white paper on current trends in denial-of-service (DoS) attacks. While much of the report merely chronicles the alerts and warnings the organization has published over the last two years, a few pages toward the end--where the authors point out new tactics taken by malicious users--are downright troubling.
Source: CNet News
Companies with servers running Microsoft's database application should watch out for a new hacker tool that scans and then infects systems, network security experts warned on Wednesday.
The hacker tool, named "Voyager Alpha Force," has already been used to infect more than 300 computers, said Elias Levy, chief technology officer at SecurityFocus.com.
