[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Netsurfer Digest: Vol. 04, #29

--- begin forwarded text

From: [email protected]
Date: Fri, 2 Oct 1998 19:22:38 -0700 (PDT)
X-Authentication-Warning: smtp2.zocalo.net: editor set sender to
[email protected] using -f
Subject: Netsurfer Digest: Vol. 04, #29
Mime-Version: 1.0
Precedence: bulk

More Signal, Less Noise Volume 04, Issue 29
Wednesday, September 30, 1998



Credit Card Data Compromised at Online Auction Sites

Mark Dodd owns AuctionWatch, a neat auction site information center. He was
running searches on the major search engines and by sheer accident
uncovered a security hole in some software used by many of the online
auction houses. It's a big one, too. If the auction site misconfigures its
software, and apparently many do, the first happy hacker to come along can
steal its customers' credit card numbers and addresses. Mark went to CNet
with the story, which warned many of the affected sites of the potential
havoc and scooped up a good story in the process. Remember, the safety of
your credit card data is only as good as the security savvy of the
webmaster guarding it. AuctionWatch: <http://www.auctionwatch.com/>
CNet: <http://www.news.com/SpecialFeatures/0,5,26760,00.html>

New Hacker Tactic: Slow, Coordinated Attacks from Multiple Locations

A clever new twist in the evolutionary arms race between hackers and online
security forces gives us an excuse to bring you this fascinating Web site.
Hackers, it seems, have discovered herding behavior. Their latest tactic is
to coordinate probes and attacks against online sites from a large number
of separate machines and over a long period of time. By limiting probes to
rates as low as two per hour and dispersing their sources, hackers can
probe beneath current security software's threshold of detection. The Navy
Cooperative Intrusion Detection Evaluation and Response team (CIDER) just
released a report on the technique. The CIDER site is also worth visiting
for information on security and intrusion detection software projects,
notably a database comparing commercial and government tools. Cool spook
stuff. CIDER: <http://www.nswc.navy.mil/ISSEC/CID/>
Report: <http://www.nswc.navy.mil/ISSEC/CID/co-ordinated_analysis.txt>


Netsurfer Digest Home Page:
Subscribe, Unsubscribe:
Frequently Asked Questions:
Submission of Newsworthy Items:
Letters to the Editor:
Advertiser and Sponsor Inquiries:
Netsurfer Communications:
<mailto:[email protected]>[email protected]
<mailto:[email protected]>[email protected]
<mailto:[email protected]>[email protected]
Publisher: Arthur Bebak
Editor: Lawrence Nyveen
Contributing Editor:
Production Manager: Bill Woodcock
Copy Editor: Elvi Dalgaard

Netsurfer Communications, Inc.

President: Arthur Bebak
Vice President: S.M. Lieu

Writers and Netsurfers:

Sue Abbott
Regan Avery
Kirsty Brooks
Judith David
Joanne Eglash
Lisa Hamilton
Jay Mills
Elizabeth Rollins
Kenneth Schulze

NETSURFER DIGEST  1998 Netsurfer Communications, Inc. All rights reserved.
NETSURFER DIGEST is a trademark of Netsurfer Communications, Inc.

--- end forwarded text

Robert A. Hettinga <mailto: [email protected]>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'