|
|
Packet Storm Site Search
Want to release something on Packet Storm? Submit it here (FAQ).
|
 |
 |
 |
 |
 |
|
 |
|
 |
 |
 |
 |
Packet Storm 2000: Storm Chaser 2000
COMPETITION RULES ARE ANNOUNCED!
The talk of distributed attack tools is causing quite a stir. Obviously we are seeing just the tip of the iceberg with what is to come; attacks which involve factors such as encryption, mobility, stealth, that are under anonymous control, that update themselves, that use communication to co-ordinate, that are controlled by hacktivists, cyberterrorists, cybermilitia and, of course, governments. The Internet is truly becoming the fourth battlefield, built on top of not just a civilian, but an academic infrastructure.
How do we defend our part of the Internet against information warfare?
Obviously there are more factors involved than just a technical solution; we need to consider issues of policy, international co-operation and co-ordination, and administration.
But can we really wait for governments and politicians to solve this problem when technology increasingly outstrips policy?
With this in mind, Packet Storm poses this question: What pure or applied technical measures can be taken to protect the Internet against future forms of attack?
The Kroll-O'Gara Information Security Group and Packet Storm will offer
USD $10,000 for the best technical white paper which defines the problem
and answers the above question.
Winners will be announced at RSA 2000 in January.
CLICK HERE FOR MORE INFORMATION
|
|
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
 |
|
 |
 |
 |
 |
Alas, there is much to fear!
Y2k is near, and TFN2k is here!
New features include: Remote one-way command execution for distributed execution control, Mix attack aimed at weak routers, Targa3 attack aimed at systems with IP stack vulnerabilities, Compatibility to many UNIX systems and Windows NT, spoofed source addresses, strong CAST encryption of all client/server traffic, one-way communication protocol, messaging via random IP protocol, decoy packets, and extensive documentation. Currently no IDS software will recognise tfn2k. Courtesy of Mixter.
Is this the beginning of the end for classical Intrusion Detection?
TFN2k includes the ability to jam Intrusion Detection Systems by ordering
the attack constellation to hit servers pretending to exploit vulnerabilities,
in addition to flooding the network while the attacker slips in below
the (packet) storm [ack, gag]. Let's not forget the ability to send
decoy packets, either. We all know how most of the IDSs out on the
market are already having problems keeping up with ever increasing
network speeds and effectively matching attack signatures without
reporting false positives/negatives. How do we detect this now, considering
TFN2k uses strong encryption and randomly selects the means in which
messages will be sent.
With the ability to send spirious commands
to these drones, I'd hate to see this in the hands of the spammer
community. Of course, then we could easily prosecute... if we could
figure out where the commands are coming from, that is. By using
a custom one-way protocol and spoofing source addresses, this
could be a bit tricky.
Know how we defend against this? Win $10,000. Storm Chaser 2000! :)
|
|
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
 |
|
 |
 |
 |
 |
Confused by all the files on Packet Storm? Administrate a large corporate
network, but don't have the time to keep with Packet Storm's daily
additions? Don't know whether you're using the right tools, but want to
know how vulnerable your network is? Wish you had the spare time all the
hackers seem to have in keeping up with what's cutting edge? Get the
experts to assess your network- Click here
for more details or send us an e-mail.
|
|
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Careers at Kroll-O'Gara ISG
|
|
 |
|
 |
 |
 |
 |
Looking for an interesting job? Want to work amongst world class experts? Want to be on the cutting edge of security?
The Kroll-O'Gara Information Security Group has a number of exciting positions available ----> Click here!
a>
|
|
 |
 |
 |
 |
 |
|
|