Japan hacking- buffer overflow

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread

Japanese Internet hacking techniques uncovered

The Metropolitan Police Department (MPD) in Tokyo says it has partly figured out how hackers gained illegal access to Japanese Government web sites in a recent series of attacks.

Investigators at the Kojimachi police station discovered that in six of 15 attacks on sites - including those run by the Science and Technology Agency, the Transport Ministry and affiliates of Japan Broadcasting Corporation - hackers used a technique called "buffer overflow".

Hackers can create a buffer overflow by overloading a Web server with data, causing bugs that make it easier to trick the computer into executing arbitrary commands.

Police say they are analysing access logs in the remaining nine cases to check the routes hackers used in penetrating servers.

Investigators also notified government bodies about the technique.

Most of the logs on the servers had been erased, the MPD said, adding it has been trying to restore data based on traces remaining on server hard drives.

Tighten

Meanwhile, a Liberal Democratic Party team developing counter measures against hacking and Internet crime proposed the establishment of a Cabinet Secretariat body this year, to tighten information security.

Computer security task forces should be set up at each government agency and a set of government Web guidelines should be developed with computer specialists, the team said.

Hackers broke into Web sites run by Japanese government bodies and other commercial sites starting January 24, when Osaka hosted a forum, denying the 1937 Nanjing Massacre.

In most of the attacks, hackers posted messages criticizing Japan for the massacre.

http://www.abc.net.au/news/science/internet/2000/02/item20000216051742_1.htm

-- Martin Thompson (mthom1927@aol.com), February 16, 2000


Moderation questions? read the FAQ