home
NEWS       BLOGS       FORUMS       NEWSLETTERS       RESEARCH       EVENTS       DIGITAL LIBRARY       CAREERS  
Network Computing Network Computing Powered by InformationWeek Business Technology Network

IMMERSE YOURSELF:

SOA

  |

Data Center

  |

802.11n

  |

Data Privacy

  |
APO  |

Virtualization

  |

NAC

  |

Security

  |

Network Mgmt

  |

Enterprise Apps

  |

Storage & Servers



  W O R K S H O P

Anatomy of a Network Intrusion

October 18, 1999
By Greg Shipley

Empty Red Bull cans litter the floor, reflecting the warm glow of the monitors. Alongside the sketch boards lie drained liters of Mountain Dew, partially eaten burritos and dozens of 486 machines configured as Linux Beowulf clusters. A Pentium II machine plugged into a seemingly endless line of surge suppressors hums as it continues to brute-force password guesses at a rate of 10 million per second. Only 12 more hours to go...

All the machines have their lids off--no hard-core geek is ever satisfied with the state of a system. Legal pads are covered with IP addresses, penciled network maps and port numbers. As the attackers' scripts relentlessly scan for the presence of the recently identified CGI vulnerability, they continue to exchange notes with the crew on IRC (Internet Relay Chat). They figure once they've compromised a few dozen ISPs--creating a network of "stepping stones"--they can forge ahead to their target.

It's all about buffer space--a disposable safety net with a redo button. If they "own" a dozen machines between them and their target, they can attack with the confidence that only a cyborg in a time machine could ever gather enough info to snag them--only a handful of organizations have the manpower or expertise to catch intruders who leave no trail. Attack, clean, reattack--and gain as much net space as possible.

Auditor? Cracker? Strung-out administrator? The roles can be interchanged and the distinction blurred, with one exception: The crackers have the easiest task. They need find only one open doorway; the defenders must check every lock.

"It takes one to know one" may be cliché, but it holds up in the network security arena. Understanding how attackers operate is invaluable--in fact, it's your best defense. The concept of "hacking" into your own network for security purposes isn't new. Dan Farmer published a paper in 1995 entitled "Securing Your Site by Breaking Into It" (www.fish.com/security/admin- guide-to-cracking.html). Network Computing published a similar article a few years ago (see "Intrusion Detection Provides a Pound of Prevention" at www.networkcomputing.com/815/815ws1.html).

Many of the time-tested security principles still hold true. However, attackers' tools and talent have taken giant leaps. Each time security products mature, so do attack methodologies, and if you fall behind on either, you're setting yourself up for a nightmare.

Cracking Some Myths
Before we even think about sitting down in front of a computer, let's debunk some common assumptions about crackers and excuses for reduced vigilance.

  • "We are not a high-profile company--no one is targeting us." You may manufacture industrial-strength toilet seats, but be "next door," in Internet terms, to an e-commerce site performing credit-card processing. Or maybe you have great bandwidth or juicy servers, or maybe your domain name just sounds cool. It often doesn't matter what your company is or does, intruders can make use of your network even if it isn't their final target.

  • "That is a really complicated attack--it would never happen to us." Although experts agree that the successful cracker lies somewhere between script kiddy (able to execute prewritten code, but unable to manufacture new exploit code) and elite programmer, most are able to pull off fairly sophisticated attacks. Think back to your college years. Imagine spending less time drinking beer and more time in front of your terminal. What level of mischief could you achieve? Now add the declining prices of bandwidth and hardware and it's no wonder 14-year-olds are drawing visits from the Secret Service.



  • PAGE: 1 I 2 I 3 I NEXT PAGE
     





    Ready to take that job and shove it?

    Function:

    Keyword(s):

    State:
    SPONSOR
    RECENT JOB POSTINGS
    CAREER NEWS
    Aneesh Chopra is looking to other CIOs to advise him on fleshing out a more detailed agenda to best serve the president's IT agenda.

    IT spending is expected to decline by 3.8 percent in 2009 according to Gartner.










    2009 IT Salary Survey: Meager Raises, Solid Prospects
    Though raises are notably smaller than a year ago, and job security’s shrinking, IT careers are looking safer than many others in this economic downturn. Get all the findings in InformationWeek's 2009 IT Salary Survey. Available FREE for a limited time.
     
    ROLLING RIGHT ALONG
    Follow key Network Computing Reviews from conception to completion. This Week: Holistic APM.



    Network Computing Reports Emerging Enterprise Podcast Series: Secrets to Success








    TechSearch


    Microsite of the Week


    Powerful Information at Your Fingertips



    Techweb
    Informationweek Business Technology Network
    InformationweekInformationweek 500Informationweek 500 ConferenceInformationweek AnalyticsInformationweek Events
    Informationweek MagazineGlobal CIOIWK Government ITbMightyByte and SwitchDark Reading
    Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingPlug Into The CloudDr. DobbsContentinople
    space
    TechWeb Events Network
    InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0Mobile Business ExpoNoJitter
    Black HatGTECEnergy CampCloud ConnectGov 2.0 ExpoGov 2.0 Summit
    space
    Light Reading Communications Network
    Light ReadingLight Reading AsiaUnstrungCable Digital NewsInternet EvolutionPyramid Research
    Heavy ReadingLight Reading LiveLight Reading InsiderEthrnet ExpoTelco TVTower Technology Summit
    space
    Financial Technology Network
    Advanced TradingBank Systems and TechnologyInsurance and TechnologyWall Street and TechnologyAccelerating WallstreetBST SummitBuyside Trading SummitIT Summit
    space
    Microsoft Technology Network
    MSDNTechNetTotal IT ProTotal Dev ProNET Total Dev Pro CommunitySQL Total Dev Pro Community
    space


    App Infrastructure   |   Messaging & Collaboration   |   Network & Systems Mgmt   |   Network Infrastructure   |   Security  |   Storage & Servers   |   Wireless   |   Enterprise Apps
    About Us  |  Contact Us  |  Site Map  |  Technology Marketing Solutions  |  Advertising Contacts  |   Briefing Centers
    Copyright © 2009  United Business Media LLC  |  Privacy Statement  |  Terms of Service