[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Computer security



PureBytes Links

Trading Reference Links

Also check out the story (partial) below at:
http://www.zdnet.com/pcweek/stories/news/0,4153,2350743,00.html

Attacked and hacked!
The attacks on PC Week Labs' hackpcweek.com test site offer powerful
ammunition in security war
By Pankaj Chowdhry, PC Week Labs
October 11, 1999 9:00 AM ET


Security is hard.

PC Week Labs didn't need to set up the www.hackpcweek.com interactive
security test to prove this statement—it's a reality PC Week readers live
with every day. But we did need to set up the site to determine how IT
managers can most effectively safeguard their companies' mission-critical
data. The number and scope of the attacks against the site reflect the
immense challenge IT faces in securing e-business.

And security will only get harder. Companies are distrib uting their
systems, both geographically and architecturally, and this will lead to
complexities as yet unseen for managing security. As Web sites grow, so will
companies have to grow their security policies. They must establish in-house
expertise for system auditing and make sure that security budgets keep pace
with development budgets.

Hacking is a popular sport. Using our intrusion detection software and our
firewall logs, we monitored in real time the status of our Web site. What we
found was astonishing. A press release announcing that the site was up hit
the wire on Sept. 20 at 8:30 a.m. ET. Seven minutes later, we registered the
first hack attempts against the site. In total, more than 40,000 people
visited the site.

We were subjected to every sort of denial-of-service and spoofing attack,
all of which were headed off by the firewall. We were also port-scanned
several thousand times.

...continued

JW