Great Discussion on Internet Problems Going on at a New Website

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

There is a really interesting discussion regarding February Internet problems at a new website:

http://pub5.ezboard.com/fprudentlivinginthenews.showMessage?topicID=195.topic

Here are two of the postings. I've raised some questions after each one:

******************************************************************

Post From: Zavijaveh Global user (2/10/00 5:51:35 pm) Reply Re: TCP/IP

Here's something the Denver Post reported today: "The attacks seemed to come from 'hundreds of thousands' of computers, said Keith Rodwell, technical director for the site [ZDNet]." Is this even possible? Hundreds of thousands???

End of first quoted post

******************************************************************

Has anyone else heard this reported?

How could that be explained?

Here is another posting:

******************************************************************

From: SANman2000 Global user (2/10/00 11:30:21 pm) Reply Re: Hackers

"....SO, here is my theory;

The routers contain an ARP table, that is, they update the IP addresses for whatever they are connected to. I suspect a router went down with a failure on the WEB and dumped its IP addresses in a loop situation to Yahoo, etc. The company that had that router took hours to figure out what was going on (that is, why are they down) and found the problem and powered down the router (IPL, reset, init) and fixed the problem at their site, but had no idea what happened elsewhere. THINK ABOUT IT. I will try to explain later what I am trying to say. I REALLY think this is Y2K related, but as usual how do you prove it. LEAP YEAR, ALMOST HERE?" SANman

End of second quoted post

******************************************************************

Does this theory of SANman's sound remotely plausible?

How could the theory be proved or disproved?

Thanks,

-- Inquiring (Inquiring@minds.calm), February 12, 2000

Answers

Ahem...to quote from www.ntk.net:

The sites chosen are, so far, exclusively American, with a reputation for being rather well run (well, apart from E-Bay). All the first hits took place right in the center of the individual site's peak periods; probably a coincidence, but if deliberate, that requires a high degree of proprietary knowledge. Then there's the end results. We've seen the FBI going open source and releasing code to help prevent and detect the attack, we've seen network providers like GlobalCenter realising they're going to have to be more responsive, and smaller sysadmins admit they're going to have to tighten security at the edge of the network, and install more clueful filtering. Everything veteran administrators have been suggesting for years. None of which benefits the presumed miscreants, script kiddies, who would anyway have blurted by now and been transported to world fame and a prison sentence.

-- a programmer (a@programmer.com), February 12, 2000.


Related article in Phila. Inquirer newspaper today, can be viewed online at http://www.phillynews.com/inquirer/2000/Feb/12/front_page/HACKER12.htm .

---------

Hacker attacks may harm privacy

Tracking of Web users could increase alongside efforts to protect sites, some observers fear.

By David L. Wilson KNIGHT RIDDER NEWS SERVICE

WASHINGTON - Internet experts and civil-liberties advocates are raising concerns that the recent rash of Web-site attacks may provoke the kind of technological fixes that could make the online world more secure at the expense of individual privacy.

The anonymous vandals who launched assaults on some of the Web's busiest sites this week used a technique known as a "distributed denial of service" attack. While computers at two California university campuses and an Internet router at another were linked yesterday to this week's Web attacks, narrowing the field, finding the precise source of such attacks and repelling them is extremely difficult. In part, that is because the Internet is, by design, a free and open system in which anonymity is the rule.

That could easily change, however, experts say.

They fear that some people may call for building tight controls into the Internet's infrastructure, which would allow the tracking of the movements of individuals as they navigate through cyberspace.

This would make it easier to protect commercial Web sites and police against online crime. But in such an environment, law-abiding users might also decide it's not safe to look at information on controversial topics, political issues or health matters for fear that someone could monitor their movements and use that information to harm them, professionally or socially.

"There's no question that when this kind of event occurs, it garners support for efforts to be more restrictive on access and more intrusive on privacy," said Gene Spafford, director of Purdue University's Center for Education and Research in Information Assurance and Security and one of the world's leading experts on computer security.

Civil-rights advocates agree, and insist that the Internet must continue to maintain a balance between security and privacy. "Without privacy on the Internet, you lose the freedom to explore and discover. It chills free speech," said Tara L. Lemmey, president of the Electronic Frontier Foundation.

Yesterday, experts investigating attacks against major commercial Web sites this week confirmed that the vandals used a desktop computer at the University of California at Santa Barbara and an Internet router, a device that can amplify data traffic, from Stanford University, officials at both schools acknowledged yesterday.

There was no indication that anyone at either university was directly involved, only that their equipment was used. Experts believe dozens of computers nationwide were hacked and had electronic attack software secretly installed.

"They've attacked us in a way that hurts what we do as a university, and hurts all universities," said Robert Sugar, chairman of the information technology board in Santa Barbara. The school's computer was believed used in the attack against CNN's Web site on Tuesday.

The University of California at Los Angeles also reported that some campus computers were used in the attack. A spokesman declined to comment on the site or sites targeted by the UCLA computers.

Stanford said one of its routers, at a remote wildlife preserve, was used to transmit some of the data aimed against eBay's Web site for about 30 minutes before engineers blocked hackers from using it.

"It's really out in the middle of nowhere," said Dave Brumley, assistant computer security officer at the school. He said engineers have checked Stanford's other routers to prevent their similar misuse.

Meanwhile, experts investigating the case suggested that the vandals in Monday's attack against Yahoo's Web site, the first to be shut down for hours, may have been far more sophisticated than originally believed.

E-mail from Yahoo engineers, describing the attack in unprecedented detail, said that the vandals apparently "knew about our topology and planned this large-scale attack in advance," and that other companies hit this week also were targeted "where it hurts the most."

This e-mail, sent as a warning to some Internet providers and obtained by the Associated Press, also described the Yahoo attackers as "smart and above your average script-kiddie," a derisive term for an unskilled hacker, and said they "probably know both Unix and networking . . . pretty well and learn about site [configuration] to find weak spots."

An executive at GlobalCenter Inc., which provides Yahoo's Internet connection, also said yesterday that engineers there were surprised during the attack, which flooded Yahoo with more data each second than some major Web sites receive under normal conditions in an entire week.

"About an hour into the initial attack, they were already commenting about what appeared to be some level of sophistication," said Laurie Priddy, the company's executive vice president. "These [vandals] seemed pretty smart who were doing it."

As the investigation into the hacking continues, the concern among many Internet experts is not so much new laws, at least in the United States, but new technology that would boost security at an unacceptable price to personal liberty.

Instituting such a change could be a mere matter of distributing and installing new hardware and software. As Harvard law professor Lawrence Lessig argues in his new book, Code and Other Laws of Cyberspace, it is not legal codes that define how we use systems such as the Internet, but software code. It is programmers and hardware engineers who will define the limits on human behavior and society in cyberspace.

For instance, after Intel Corp. introduced its Pentium III microprocessor, privacy advocates were shocked to discover that each new chip broadcast a unique identification code when it was connected to a network. Intel developed the feature to make networking more secure, and company representatives initially seemed baffled by cries that such a system would undermine privacy. Intel eventually agreed to ship each chip with the feature turned off.

Part of the reason for the increasing fears for privacy is related to ongoing political battles that center on the issue of anonymity. For instance, laws aimed at restricting sexually oriented material distributed via the Internet to adults have been struck down by the courts, largely because there is no way to ensure that only adults get such material, since proving identity is cumbersome in cyberspace.

Because it is nearly impossible to determine whether a visitor to a Web site is an adult, Web-site operators have argued convincingly that the only way to protect themselves from possible legal action would be to stop displaying any material that could be found inappropriate for minors. This, they say, could result in censorship of such content as works of art that feature nudity, AIDS information, and guidance about birth control.

Limiting all speech in cyberspace to speech appropriate for a child violates the First Amendment right to free speech, the Supreme Court has ruled. But legislators on both the federal and state levels are still trying to enact restrictions that could withstand judicial scrutiny.

Privacy advocates acknowledge the seductive power of the logic of giving up a basic liberty in return for a safer environment. But they warn that such a bargain is the hallmark of an authoritarian society.

Asked whether it wouldn't be worth giving up some privacy on the Internet in return for more security, the Electronic Frontier Foundation's Lemmey said: "I think China is currently trying to deploy a system like that."

The push for tighter controls on the Internet may be precisely what the perpetrators of these recent attacks do not want to see happen.

"The people who do this kind of thing often claim they want a more open network, more anonymous access," said Spafford, of Purdue University. "Yet this behavior leads to pressure to restrict those very behaviors."



-- Chris (catsy@pond.com), February 12, 2000.


BTW, if I was a conspiracy theorist, I'd say that the FBI and gov. are doing those attacks to get the "herd" to demand gov. control and "security" on the internet ;-)

-- Chris (catsy@pond.com), February 12, 2000.

From: Y2K, à la Carte by Dancr (pic), near Monterey, California

Now the FBI hunt for the mad hacker looks like Don Quixote, tilting at windmills.

-- Dancr (addy.available@my.webpage), February 14, 2000.

