Census contract keeps numbers crunching
- By Judi Hasson
- Aug 03, 2000
Feds heard warnings from hackers last weekend in Las Vegas during Def Con
8, which featured workshops on exploitable vulnerabilities, defense strategies
and the latest tools for the security community.
One of Def Con's most anticipated events was the annual presentation by
the Cult of the Dead Cow. The group released the Back Orifice hacking tool
at Def Con in 1998 and announced an updated version of the Trojan horse
program that targets Microsoft Corp. Windows NT systems at last year's conference.
The group's tools could be used to attack or defend networks.
This year, members of the group offered information on a type of denial-of-service
attack that can disable NetBIOS services on Windows machines. NetBIOS is
a commonly used network protocol for PC local-area networks.
A member of the Cult of the Dead Cow known as Sir Dystic developed a tool
called NBName that he said can exploit the NetBIOS hole by rejecting all
name-registration requests received by servers on TCP/IP networks.
NBName can disable entire LANS and prevent machines from rejoining them,
according to Sir Dystic, who said nodes infected by the tool will think
that their names already are being used by other machines. "It should be
impossible for everyone to figure out what is going on," he added.
However, Microsoft Corp. last week posted an advisory on its Web site saying
that the company is aware of the potential NetBIOS vulnerability. The company
said a patch addressing the problem on Windows 2000 systems can be downloaded
now, while others for the various versions of Windows NT 4.0 are due to
be released "shortly."
Microsoft added that external attacks shouldn't be possible "if normal security
practices have been followed" by organizations.
Distributed by IDG News Service.