Deadly hacking tool discovered

Security experts have warned that hackers are developing a distributed denial of service (DDoS) tool that could be even more devastating than those used to paralyse eBay, Yahoo and other major internet sites in February.

Written by John Leyden

vnunet.com, 02 May 2000

Security experts have warned that hackers are developing a distributed denial of service (DDoS) tool that could be even more devastating than those used to paralyse eBay, Yahoo and other major internet sites in February.

The tool, called Mstream, joins Trinoo, TFN2K, Stacheldraht and other programs that can be used to launch DDoS attacks.

Using these programs, a hacker can make infected hosts send a series of messages to a target computer. The volume of messages arriving at the same time is enough to overwhelm that server, making a website inaccessible.

Although Mstream is believed to be in the early stages of development, the core engine is more powerful than existing DDoS attack tools, said Dave Dittrich, a University of Washington computer administrator who took part in an analysis of Mstream.

Despite numerous bugs and an incomplete feature set, the tool is still powerful enough to disable a website with only a handful of agents.

"An Mstream agent was discovered in late April 2000 on a compromised Linux system at a major university. This system was identified to be flooding packets using forged source addresses, targeted at over a dozen IP addresses," said Dittrich in a posting to online security website, Packetstorm.

Despite the use of filtering by the university, which meant only a very small number of packets were being launched, "the traffic caused the router [which served 18 subnets] to become non-responsive", Dittrich's posting noted.

"The lesson here is that there is no 'quick fix' to DDoS in the form of simple technical filtering solutions," he said.

Neil Barrett, technical director of security consultant Information Risk Management, said further development of DDoS tools made "a very good case for the introducing of intrusion detection systems with more sophisticated log files".

He said members of the internet community must ensure that their own websites are not compromised or vulnerable to attacks.

DDoS attacks have waned since a series of high-profile assaults in February, but they have not ceased. For example, internet hosting firm AboveNet was attacked last week.

A Canadian teenager, known as Mafiaboy, has been arrested in connection with an attack on CNN's website. However, it is not clear whether he was involved in the other attacks.

Tags:

reader comments

related articles

Bloomberg blackmail hacker suspects held

Two alleged hackers from the former Soviet state of Kazakhstan have been arrested in connection with a reported blackmail attempt against financial information service provider Bloomberg. 15 Aug 2000

 

Hacking the hackers

Chris Rouland and his team pioneer the fight against network hackers. We asked him about the potential dangers posed by open source operating systems and how his team infiltrates known hacking groups. 20 Jun 2000

Safe and secure investments

High-profile security glitches may have made the headlines during recent weeks, but resellers in the IT security market have reason to be thankful for the coverage. 04 May 2000

Defeating denial of service attacks

Denial of service attacks are creating yet another security headache for network managers. Although almost impossible to prevent, there are a number of measures you can take to limit the damage if they do occur. 20 Apr 2000

Bringing the net to its knees: how it was done

The heartbeat of ecommerce skipped a beat with the launch of distributed Denial of Service attacks against some of the world's largest ebusiness sites. But as early as November 1999 there had been reports of intruders installing attack tools on compromised hosts. 24 Feb 2000

FBI calls in experts to tackle web attacks

The FBI is consulting security industry experts to develop ways of detecting and preventing the type of attacks suffered by major websites this week. 11 Feb 2000

Pentagon promises checks while EU works on cybercrime guidelines

The US Defence Department plans to check all of its computers with Internet access to ensure they were not used as unwitting agents in the attacks on a raft of ecommerce sites this week. 11 Feb 2000

related whitepapers

today's top stories

Ecommerce

What does Windows 7 mean for Microsoft?

With the sting of Vista still fresh, Redmond has to make next Windows work 10 Jul 2009

Management

A smarter way to use BI

Getting the most from business intelligence systems requires not only careful management on the part of IT leaders, but also the committed involvement of decision-makers across the organisation 08 Jul 2009

Mainstream Matters

The truth behind the Google/Microsoft/NHS rumours

Before Monday 6 July, did you know that Google and Microsoft had services for storing health records? Thanks to an article in... 10 Jul 2009

Management

Quenching a thirst for IT modernisation

A substantial restructure at soft drink supplier Nichols -­ purveyor of Vimto - ­led the company to update its software to Sage 1000 to replace its in-house application. This resulted in the streamlining of the IT department and an opportunity to customise the system 08 Jul 2009

Management

How Satyam cleaned up its act

Chief executive CP Gurnani tells Angelica Mari why Tech Mahindra opted to keep the Satyam brand after it bought the scandal-hit services firm, and explains what the deal means for existing and prospective customers 09 Jul 2009

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will Google Chrome OS be a genuine alternative to Windows?

Will Google Chrome OS be a genuine alternative to Windows?

Tell us your views on the new operating system rivalry

View poll results

> More polls

Latest audio and video articles

network cablesVideo

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

green footprintsVideo

How to manage enterprise energy use - and the role IT can play

A panel of experts explore how firms can get to grips with their carbon footprint and make smarter use of energy 01 Jul 2009

> More audio and video

Latest in-depth articles

Google ChromeAnalysis

Lack of enterprise appeal takes shine off Chrome OS

Enterprise buyers unlikely to ditch Windows for Chrome OS in the near term, say experts 09 Jul 2009

Satyam CEO CP GurnaniNews

How Satyam cleaned up its act

Chief executive CP Gurnani tells Angelica Mari why Tech Mahindra opted to keep the Satyam brand after it bought the scandal-hit services firm, and explains what the deal means for existing and prospective customers 09 Jul 2009

> More in depth articles

Advertisement

Primary Navigation