Hackers Strike at N.Y. Internet Access Company

CobraBoy (tbyars@earthlink.net)
Thu, 12 Sep 1996 14:09:32 -0700


>
> Hackers Strike at N.Y. Internet Access Company
>
> By Elizabeth Corcoran
> Washington Post Staff Writer
> Thursday, September 12 1996; Page D09
> The Washington Post
>
> Computer saboteurs paralyzed a New York Internet access company over
> the weekend with the first major use of an electronic attack method
> that experts say could shut down virtually any Internet service in the
> world.
>
> Beginning last Friday, the still unidentified hackers flooded Public
> Access Networks Corp., which services about 6,000 individuals and
> 1,000 companies, with streams of messages that overwhelmed its
> computers, forcing the service to shut down for hours at a time.
>
> Security specialists said yesterday the attack underlined the
> vulnerability of the global network, which many Americans increasingly
> use for electronic mail, entertainment, research and shopping, and
> predicted that it would be used again.
>
> The original national computer network that became the Internet "was a
> sandbox . . . designed for experimental purposes," said Peter Neumann,
> an expert in computer security with research firm SRI International of
> Menlo Park, Calif. "It never paid attention to problems like this."
>
> As a result, Neumann said, "there's no security on the Internet. . . .
> If we're going to digital commerce on the Internet, a lot of things
> are going to have to change. The bottom line is that the Internet
> isn't ready for prime time."
>
> William Cheswick, a scientist at Lucent Technologies Inc.'s Bell Labs,
> said when he and a coauthor were finishing an often-cited book on
> Internet security, they purposefully deleted a description of the kind
> of attack used on the Panix service in New York. "It has horrendous
> results and we didn't have a way of fixing it," Cheswick said.
>
> Here's how the attack worked: Beginning Friday evening, Panix's
> computers began receiving special streams of packets or snippets of
> information with fake, randomly generated return addresses. The
> messages are very difficult to trace, making it hard to identify the
> culprits.
>
> These types of packets essentially send a wake-up call to the
> receiving computer, checking that it is ready to receive information
> from the network, and so are the basis for much of what happens on
> electronic networks. If the packets are legitimate, the computer
> handles them in a fraction of a second. If they have a confusing
> address, the computer will hold them for 75 seconds before discarding
> them.
>
> Normally, Panix's computers -- like many others on the Internet -- can
> hold fewer than a dozen such packets. But on Friday, several of
> Panix's computers began receiving as many as 50 of such packets per
> second. Like Lucy and Ethel working in a candy factory on an "I Love
> Lucy" episode, the Panix computers soon were overwhelmed by a flood of
> bogus messages.
>
> To try to shield their system from the attack, Panix managers were
> forced to block all incoming messages for hours at a stretch.
>
> Although Alexis Rosen, president and founder of Panix, spent the
> weekend working frantically to stem the problem, it ultimately stopped
> only when the stream of counterfeit messages subsided.
>
> "We don't know why they either started or stopped," Rosen said.
>
> A nonprofit site dedicated to electronic rights, Voters
> Telecommunications Watch, was subjected to a similar -- but briefer --
> attack late Tuesday, he said.
>
> Although Panix is a relatively small Internet access provider, no
> company is immune to these kinds of attacks, Cheswick said.
>
> "This is probably the most effective of these attacks that I know of,"
> he said. "We're going to see more of it."
>
> Most Internet systems "are vulnerable to this kind of attack," agreed
> Fred Avolio, a vice president at Trusted Information Systems in
> Glenwood, Md. "It's a difficult if not in some cases impossible to
> fight against" attacks that use forged information.
>
> Rosen said he hopes that Internet access providers will work together
> to try to rebuff packets with fake return addresses. "This publicity
> isn't going to help my business," Rosen said. But he hopes that
> discussing the attacks on Panix will "wake up" major networking
> services providers to the severity of the problems.
>
> Staff writer John Schwartz contributed to this report.
>
> =A9Copyright 1996 The Washington Post Company
>
>
>
>---------------------------------------------------------------------------=
--
>Christopher D. Frankonis                cyberPOLIS - Communicate This=
 Culture
>baby-x@cyberpolis.org                  =
 http://www.cyberpolis.org/cyberPOLIS/
>
>---------------------------------------------------------------------------=
-
>> <ankh> Mr. Barbour: what is the republican stand on the CDA
>> at this momment?
>> <Haley_Barbour> Which CDA?
>---------------------------------------------------------------------------=
-
>
>
>
>
--

** History 101** Hiroshima 45 - Chernobyl 86 - Windows 95 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D "The only problem with Microsoft is they just have no taste, they have absolutely no taste, and what that means is, I don't mean that in a small way I mean that in a big way.=20 I have a problem with the fact that they just make=20 really third rate products."

Steve Jobs, Triumph of the Nerds, PBS Documentary Steve Jobs, Triumph of the Nerds, PBS Documentary

----------------------------------------------------------------------------=

--
               tbyars@earthlink.net
                   =20