Free Republic
Browse · Search
Topics · Post Article

Skip to comments.

Internet Attacks Seen Doubling This Year (Or Why You Should Use A Firewall)
USA Today Online ^ | 10/16/01 | Robert Lemos-ZDNet News

Posted on 10/16/2001 6:39:37 PM PDT by Fighting Irish

The number of Internet attacks reported by companies looks likely to double in 2001, a government-funded security response group reported Monday.

The Computer Emergency Response Team (CERT) Coordination Center, the group that administers the myriad CERTs around the United States, counted nearly 35,000 attacks and probes in the first nine months of this year.

While the increase in such incidents may indicate more intruders attacking, much of the increase is due to the growth of the Internet, said Larry Rogers, a senior member of the technical staff at the CERT Coordination Center.

"There are more targets and more information that can be gathered out there," he said. "Also, more people are aware of security issues." Those who take security to heart, he said, tend to be more likely to report probes and attacks.

At the current rate, the CERT Coordination Center's tally should top 46,000 by the end of the year, doubling the nearly 22,000 incidents counted last year. Each "incident" corresponds to a report filed by a company or organization struck by an intruder, worm, virus or other Internet attack.

While the Internet has seen a massive rise in the number of attacks due mainly to the successes of several worms, those epidemics have little to do with the increase in incidents, said CERT's Rogers. The CERT Coordination Center's policy is to count each worm or virus only once, no matter how widespread the attacks become.

This summer, SirCam, Code Red and the Nimda worms have propagated widely and caused headaches for system administrators and people online at home.

Instead, the large number of automated scans for vulnerabilities and Web defacements contribute more to the rapid increase.

When the CERT Coordination Center started counting incidents in 1988, the year that Robert T. Morris released his Internet Worm, only a handful of attacks made it on the list.

In 1989, that number hit 132 and approximately doubled for the next five years. Between 1994 and 1998, however, the number of incidents leveled off around 2,500. By 1999, the number of reported attacks and probes hit almost 10,000 and more than doubled the next year.

CERT considers an incident as any group of activities in which the same tool or exploit is used by an intruder. An incident can affect anything from a single computer to numerous host computers at hundreds of thousands of locations.

Rogers surmised that attacks hit a plateau because the Internet still wasn't as widely used as it is today.

"The Internet hadn't quite caught back then as it has now," he said.

The growth in the Web and availability of inexpensive computers has lead to more insecure computers and more curious hackers probing the Internet via sniffer packets, Rogers said.

TOPICS: Front Page News; News/Current Events

1 posted on 10/16/2001 6:39:37 PM PDT by Fighting Irish
[ Post Reply | Private Reply | View Replies]

To: Fighting Irish
I know that at least one university requires ssh(secure shell) for all campus unix computers. The ordinary telnet and ftp does not do the trick anymore.
2 posted on 10/16/2001 6:51:25 PM PDT by TigerLikesRooster
[ Post Reply | Private Reply | To 1 | View Replies]

To: Fighting Irish
I can attest to this, I have my linux netfilter firewall to record every dropped packet coming in and it is hundreds per day. Mainly the Nimda virus. People that run IIS get what they deserve :)
3 posted on 10/16/2001 6:52:45 PM PDT by lelio
[ Post Reply | Private Reply | To 1 | View Replies]

To: Fighting Irish
ZoneAlarm is one of the better free ones. ZoneLog shows what is happening.
4 posted on 10/16/2001 6:56:52 PM PDT by B4Ranch
[ Post Reply | Private Reply | To 1 | View Replies]

To: B4Ranch
It does call for a bit of education, though -- a naive user looking at the ZoneLog (or, worse, leaving pop-up alerts turned on) might be alarmed by normal background noise. An occasional random ping is like a bit of white powder on a donut shop counter: harmless, but it could be misinterpreted.
5 posted on 10/16/2001 7:06:52 PM PDT by steve-b
[ Post Reply | Private Reply | To 4 | View Replies]

To: Fighting Irish
I have a Mac, 56K modem, and dial up connection. Any real need? IPNetSentry has been suggested by others.
6 posted on 10/16/2001 7:20:55 PM PDT by Self Ruler
[ Post Reply | Private Reply | To 1 | View Replies]

To: steve-b
True...which is why you should notice if it indicates asking permission or if the sniffer is actually blocked.

I use ZoneAlarm and am very happy with it....and there is a free version!!!!

7 posted on 10/16/2001 7:21:22 PM PDT by Fighting Irish
[ Post Reply | Private Reply | To 5 | View Replies]

To: Fighting Irish
I'm on a cable modem and I have Zone Alarm. On 9-11 and the days after, I was getting a tremendous number of hits or pings (400 to 500 a day. Toady it's down to about 30 to 50 a day.

I've got Norton anti-virus and it alerted me to the nimda virus from of all places a site on Japanese cooking knives! I sent them an email and then called them on their 800# to tell them. The nimda virus is very tricky and persistant. I got a second hit just trying to email the infected site. Thank gosh for Norton. I was lucky. Be careful out there.

8 posted on 10/16/2001 7:33:35 PM PDT by garyhope
[ Post Reply | Private Reply | To 1 | View Replies]

To: Self Ruler
I started using Zone Alarm Pro with my laptop (I'm using a DSL connection) and the free Zone Alarm version on my dial up PC at home.

It works equally well on both. The Pro version has a few more bells and whistles but they both block outside intrusions.

It isn't so much the risk of an actual hacker attempting to gain access but, sniffer packets or sniffer programs that attempt to pull information from your hard drive. It could be something as innocent as a marketing company investigating your internet habits to something more sinister.

With all that's going on in the world these days I suspect EVERYTHING!

Whatever the source... a firewall should now be a household item for all online usage. You have to ask yourself, how important are the files on your hard drive? Your home address? Your email addresses? Personal letters? Information concerning your children? Business information?

It's a simple fix.

9 posted on 10/16/2001 7:34:23 PM PDT by Fighting Irish
[ Post Reply | Private Reply | To 6 | View Replies]

To: steve-b
Most of the pings were from my ISP, but a lot were coming in from Asia and Europe too. I guess they were probes or robots.
10 posted on 10/16/2001 7:35:08 PM PDT by garyhope
[ Post Reply | Private Reply | To 5 | View Replies]

To: garyhope
How do you like cable? I have an opportunity to switch over from DSL. Mostly because it's cheaper but, is it any faster?

I was told by my phone company that cable modem is faster only if you are either the first one off the cental office or if there were not too many modems pulling.

If there is a large number of subscribers in your area then it gets considerably slower. Is that true?

11 posted on 10/16/2001 7:39:20 PM PDT by Fighting Irish
[ Post Reply | Private Reply | To 8 | View Replies]

To: Fighting Irish
Unfortunately, ZoneAlarm is not Mac compatible. I have been told that Macs are not as vulnerable as PC's and that dial up's are not as vilnerable as cable connections. Still, I wonder. If anyone has some reliable information regarding Macs and security issues, I am interested.
12 posted on 10/16/2001 7:50:40 PM PDT by Self Ruler
[ Post Reply | Private Reply | To 9 | View Replies]

To: Fighting Irish
OK, anyone...I have a Firewall (A Netgear 8 hubport) - for my home computers - that's all I know - I suppose I'm safe, since I've had no problems...any suggestions (I have cable modem service). Any suggestions appreciated for this non-technical type.
13 posted on 10/16/2001 7:53:39 PM PDT by goodnesswins
[ Post Reply | Private Reply | To 1 | View Replies]

To: goodnesswins
As others have mentioned, the free version of ZoneAlarm (Click here for link to free download) should provide enough protection for home users, and its free!

I also recommend installing Guidescope. Guidescope runs as a proxy server on your PC and it blocks all access and cookies from sites that you don't want to track you as you move around the web.

14 posted on 10/16/2001 8:01:20 PM PDT by Fixit
[ Post Reply | Private Reply | To 13 | View Replies]

To: Fixit
Thx for the Guidescope link!
15 posted on 10/16/2001 8:10:41 PM PDT by Fighting Irish
[ Post Reply | Private Reply | To 14 | View Replies]

To: Fighting Irish
I like cable and would hate to go back to dial up. I don't know how it compares to DSL. I think some DSL might be faster than cable. Yes, the cable does slow down sometimes depending on traffic, but most of the time it's pretty darn fast. Some sites and servers slow down sometime, but that's not the cable. You get very spoiled with cable. It's usually pretty fast.
16 posted on 10/16/2001 10:59:58 PM PDT by garyhope
[ Post Reply | Private Reply | To 11 | View Replies]

To: Self Ruler
I have a Mac, 56K modem, and dial up connection. Any real need?

If you're running OS 9.x or lower, no. The way Pre-X MacOS is designed, it's essentially impossible for hackers to access anything (unless you have file sharing turned on; you're not on a local network are you?). Combine that with the fact that hardly any hacker cares about the Mac anyway (why waste the time to try to develop hacks for a platform that less than 10% of the world uses, especially since Windows is so badly written that it's a hacker's wet dream to start with?), and your chances of being successfully penetrated are nearly zero.

Not that it would hurt to get a firewall program anyway, since you never know when someone just might come up with some new way to hack into a Mac. But I wouldn't lose sleep over it.

If you have OSX, your risks are somewhat higher, since OSX is essentially Unix.

17 posted on 10/16/2001 11:09:09 PM PDT by Timesink
[ Post Reply | Private Reply | To 6 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794 is powered by software copyright 2000-2008 John Robinson