Pentagon seeks help on denial of service attacks
Source: Computer User
I wrote the following to illustrate how easy it is for IDS to identify Nmap OS detection, and the difficulty in detecting Xprobe OS detection.
Source: LWN.net
"The squid proxy server can be crashed with a malformed request, resulting in a denial of service attack. After the crash, the squid proxy must be restarted. The weakness can only be triggered from an address that is allowed to send requests, as configured in the squid configuration file. An upgrade to a fixed version of the squid package is the only reasonable countermeasure against the bug."
Source: Vnunet
Three months after the infamous Def Con hacker fest back in July, a group of geeks have published data which they claim may prove to be the ultimate Intrusion Detection System (IDS) test bed.
Each year the Def Con meeting in Las Vegas hosts a 'Capture the Flag' contest. In this event some of the best hackers from around the world duke it out over a specially constructed network for 72 hours, hacking for the title. To 'capture the flag' a hacker must get root access on a well-secured central server.
Source: Silicon.com
Anti-virus vendors have issued a warning to users about two viruses which have been reported in the wild.
Sophos has warned users about the W98/Elkern, which is an executable file virus designed to attack Windows 98 and ME. The KW32/Klez worm carries the W98/Elkern virus inside and drops and executes it when the programme is run. The worm can also send itself to all entries in user's address book.
Source: CW360
Hardware flaws in some Cisco firewalls for corporate central and branch offices have caused the systems to hang or shut themselves down, forcing the networking giant to replace the affected boxes.
Some Cisco Pix 515, 515-DC and 506 Firewalls have suffered system hangs when traffic on the network becomes too heavy, requiring a manual restart for the firewall manually, Cisco reported on 18 October.
Source: ZDNet
"We never gave security a thought," Brian Chee says, talking about what was probably the world's first wireless data network. Chee worked on Aloha Net, a new concept in communications developed by the University of Hawaii back in the late 60's. This network, using a form of magic called "carrier sense multiple access," let the university link computers on each of the state's islands. Later, the technology would migrate to the wired world, and with some improvements, would be known by the name "Ethernet."
Source: ZDNet Australia
Steven Lynch was first introduced to the joys of hunting down hackers in MIT in 1989. While working in the University's IT department he came across Australia's very own Leftist and Urvile, as they took control of the institutions servers and used them to poke holes in systems on the other side of the world. Phoenix and Electron were eventually tracked down to a flat in Melbourne, but not before Lynch spent countless hours following their clandestine progress through unsuspecting networks.
Source: Computer User
The widespread use of poorly configured network routers has opened the door to an "imminent" spate of attacks that could slow Internet traffic to a crawl, according to report published by a government-funded security watchdog group.
Ed Halley puts forth his arguments against the Security Systems Standards and Certification Act, a bill which would force all consumer electronic devices including e-books, DVDs, computers and cell phones to embed copy-protection technology.