Free Republic
Browse · Search		 News/Activism
Topics · Post Article

Skip to comments.

Hacker Points Out WorldCom Network Flaw
information week ^ | Dec. 6, 2001 | George V. Hulme

Posted on 12/7/2001, 2:43:03 AM by classygreeneyedblonde

A hacker who has discovered and warned about major security failures at Microsoft, America Online, and Yahoo has found another problem, this time at WorldCom. According to 20-year-old Adrian Lamo, WorldCom's security vulnerability could have exposed many of the company's customer networks to attack, including those belonging to Bank of America, Citicorp, JP Morgan, and Sun Microsystems.

WorldCom spokeswoman says the company secured its networks within hours of being notified by Lamo about the problem. There is no evidence of any impact for WorldCom customers, she says. Human error, according to the spokeswoman, resulted in the wrong filter being used on a router

Lamo says the improper configuration is not something always covered in security audits. Security personnel are "mostly looking for known vulnerabilities, and this wouldn't typically come up," he says.

Lamo says he was able to surf WorldCom's internal network just as if he were a company employee. He says he would have been able to list names and Social Security numbers "in batches of 500" for the telecom's more than 80,000 employees. But WorldCom shouldn't be faulted for not having found the security problem before he did, he adds. "It's the same thing that affected Yahoo, Microsoft, and Excite@Home."

Pete Lindstrom, director of security strategies for Hurwitz Group, is more critical. "Why was some random, well-meaning hacker able to find this problem before the internal WorldCom security management group?"

TOPICS: Miscellaneous; News/Current Events
KEYWORDS:
Navigation: use the links below to view more comments.
first 1-2021-22 next last
Hackers can be good guys to
1 posted on 12/7/2001, 2:43:03 AM by classygreeneyedblonde
[ Post Reply | Private Reply | View Replies]
To: classygreeneyedblonde
All your social security numbers are belong to Lamo.
2 posted on 12/7/2001, 2:51:00 AM by AStack75
[ Post Reply | Private Reply | To 1 | View Replies]
To: classygreeneyedblonde
Hackers are good guys. Crackers are evil hackers. (I know there are several definitions of crackers)
3 posted on 12/7/2001, 2:51:56 AM by evolved_rage
[ Post Reply | Private Reply | To 1 | View Replies]
To: classygreeneyedblonde
Pete Lindstrom, director of security strategies for Hurwitz Group, is more critical. "Why was some random, well-meaning hacker able to find this problem before the internal WorldCom security management group?"

Because they are probably an overworked bunch that spend most of their time reacting to problems that arise instead of being able to proactively fix things. Management usually underestimates the amount of work it takes to effectively harden networks.

4 posted on 12/7/2001, 2:55:44 AM by sigSEGV
[ Post Reply | Private Reply | To 1 | View Replies]
To: classygreeneyedblonde
Sorry this triggers my bull**** detector. What exactly was this miraculous "weakness"? Lack of specific information is telling here.
5 posted on 12/7/2001, 3:01:55 AM by Huusker
[ Post Reply | Private Reply | To 1 | View Replies]
Comment #6 Removed by Moderator
To: Huusker
My guess is something along the lines of allowing source routed packets and not doing proper ingress / egress filtering
7 posted on 12/7/2001, 3:13:39 AM by sigSEGV
[ Post Reply | Private Reply | To 5 | View Replies]
To: innocentbystander
According to Dshield.org, the most probed ports (in descending order) are:

80
HTTP Web server

21
FTP servers typically run on this port

53
DNS. Attack against old versions of BIND

111
RPC. vulnurable on many Linux systems. Can get root

4665
?

22
Secure Shell, old versions are vulnerable

520
?

6346
Gnutella is a peer-to-peer file sharing tool

27374
Scan for Windows SubSeven Trojan

4
?

8 posted on 12/7/2001, 3:24:53 AM by strela
[ Post Reply | Private Reply | To 6 | View Replies]
Comment #9 Removed by Moderator
To: evolved_rage
Everyone from the south is a evil hacker???
10 posted on 12/7/2001, 3:30:47 AM by philetus
[ Post Reply | Private Reply | To 3 | View Replies]
To: innocentbystander
Adrian Lamo prides himself on hacking networks with only a web browser. Probably just a misconfigured proxy server he attached to.
11 posted on 12/7/2001, 3:35:09 AM by sigSEGV
[ Post Reply | Private Reply | To 9 | View Replies]
Comment #12 Removed by Moderator
To: innocentbystander
The problem is that there are lots of bozos out there passing for IS people these days.

Ayup. I remain firmly convinced that a chimpanzee could easily work as an "IS professional" in many companies if it had an MBA and didn't poop on the conference room table during staff meetings.

13 posted on 12/7/2001, 3:40:29 AM by strela
[ Post Reply | Private Reply | To 9 | View Replies]
To: classygreeneyedblonde
I suspect he used social engineering to find
out information from employees at other
locations that allowed him to ultimately gain
enough knowledge of the network to
do his hack.  That is otherwise known as
fraud.

Good intentions don't alleviate what he has
claimed to have done.  He should be held
accountable and prosecuted if he intentionally
defrauded for his own purposes.

I don't believe that he was able to get into
the customer networks and at the same
time the WorldCom Corporate network
because there is physical separation
between the internal network and what
is sold to customers.  This sounds like false
bravado from an young punk.

But then, what do I know?  I'm just a
Worldcom technician.
 

14 posted on 12/7/2001, 3:40:38 AM by higgmeister
[ Post Reply | Private Reply | To 1 | View Replies]
Comment #15 Removed by Moderator
To: innocentbystander
http://www.securityfocus.com/news/296
16 posted on 12/7/2001, 3:56:54 AM by sigSEGV
[ Post Reply | Private Reply | To 15 | View Replies]
To: innocentbystander
He's really just another script kiddie. Just a really patient script kiddie.
17 posted on 12/7/2001, 3:58:51 AM by sigSEGV
[ Post Reply | Private Reply | To 15 | View Replies]
To: higgmeister
I knowa guy that went to carnigie mellon and he was paid 100,000 for 90 seconds of work....... this bank paid that to whomever could break into their highly sophicated security system........now he is workin for that bank making millions
18 posted on 12/7/2001, 4:01:10 AM by classygreeneyedblonde
[ Post Reply | Private Reply | To 14 | View Replies]
To: Huusker
Probably because there's a lot of technical stuff involved, which most people wouldn't be able to follow.
19 posted on 12/7/2001, 4:28:59 AM by billybudd
[ Post Reply | Private Reply | To 5 | View Replies]
To: higgmeister
Interesting use of the phrase "social engineering".
20 posted on 12/7/2001, 4:31:48 AM by billybudd
[ Post Reply | Private Reply | To 14 | View Replies]

Navigation: use the links below to view more comments.
first 1-2021-22 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search		 News/Activism
Topics · Post Article
FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson