Aladdin Security Alert -- Distributed Denial of Service (DDOS) Attacks Straining the Internet -- Windows Attack Trojans Found.Business/Technology Editors SEATTLE--(BUSINESS WIRE)--Feb. 10, 2000 eSafe Protects Windows Machines Against DDOS See denial of service attack. Hackers: Experts Recommend Proactive Security Technologies on all Platforms Aladdin Knowledge Systems Aladdin Knowledge Systems NASDAQ: ALDN is a company that provides solutions for software digital rights management and Internet security since 1985. Its corporate headquarters are located in Tel Aviv, Israel. (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : ALDN), a global leader in the field of digital content security, today announced its eSafe line of products will protect users against the Windows-based version of the computer Trojan responsible for the recent Denial of Service attacks An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. crippling major Internet sites across the country. Aladdin has obtained samples of a Windows-based attack Trojan and submitted it to the International Computer Security Association (ICSA See TruSecure. .Net) for analysis and distribution to the rest of the content security community. THE SECURITY RISK: Over the past few days high profile e-commerce sites, including CNN CNN or Cable News Network Subsidiary company of Turner Broadcasting Systems. It was created by Ted Turner in 1980 to present 24-hour live news broadcasts, using satellites to transmit reports from news bureaus around the world. , AMAZON.COM, EBAY, BUY.COM (1) (Computer Output Microfilm) Creating microfilm or microfiche from the computer. A COM machine receives print-image output from the computer either online or via tape or disk and creates a film image of each page. , YAHOO, and E*TRADE have been hit by sophisticated denial of service attacks, designed to overwhelm targeted Internet sites with bogus requests, preventing access by legitimate users. These recent denial of service A condition in which a system can no longer respond to normal requests. See denial of service attack. (DOS) attacks have been mounted from as many as 1000 computers, although the number has been as little as 3-4 powerful computers. The fact that these DOS attacks originate from several machines at the same time is what sets these Distributed Denial of Service (DDOS) attacks apart from previous DOS attacks. To execute these attacks, the hacker plants many copies of an Attack Trojan on multiple machines, either by hacking into the machines and planting the Trojans manually, or (the more preferred method) sending the Trojan to someone who uses that machine via email and tricking them into executing the Trojan. When executed, the Trojan will embed itself in the system and hibernate See hibernation mode. until such time as the hacker wishes to begin his attack on the actual target. To begin the actual attack, the hacker issues a series of &uot;GO&uot; commands to the Attack Trojans. The Attack Trojans then begin their overwhelming attack against the final target. THE FUTURE IMPACT: The majority of recent DDOS attacks have been launched by Unix-based Attack Trojans due to access to higher bandwidth connections. Although these Attack Trojans have yet to be found in Windows-based PCs, security experts agree that it is only a matter of time before Windows-based PCs become used as &uot;zombie A computer that has been covertly taken over in order to perform some nefarious task. It is estimated that millions of PCs around the world have been compromised and, under the control of a third party, routinely transmit messages unbeknownst to the user. machines&uot; to attack other targets. Actual Windows-based Attack Trojans have been found in the wild available for using by hackers around the world. Peter Tippett, Ph.D., M.D., respected security researcher and Chief Technology Officer at ICSA.Net, emphasized the need for proactive security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising" security . &uot;DDOS attacks cannot be stopped by relying on conventional, reactive technologies and security policies alone. By the time the attack has been analyzed and a response put in place, the damage has already been done,&uot; Tippett said. &uot;Effective mitigation of the risk posed by DDOS attacks must come from adherence to generic and proactive security policies, adoption of proactive technologies designed look for hostile actions not specific signatures, and forward-thinking security planning.&uot; Experts recommend that network administrators guard against the use of their machines for DDOS attacks by adopting proactive security measures and closing operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. holes. &uot;DDOS attacks are difficult to prevent once underway, due to their randomness and the complexity of the networks involved. Preventing the spread of Attack Trojans by signatures or pattern matching 1. pattern matching - A function is defined to take arguments of a particular type, form or value. When applying the function to its actual arguments it is necessary to match the type, form or value of the actual arguments against the formal arguments in some definition. alone, as standard anti-virus engines do, is next to impossible, due to the ease of changing code settings and creating many new variants of those Attack Trojans,&uot; said David Dittrich, noted DDOS attack expert and security researcher at the University of Washington. &uot;Adequate protection against infection by these Attack Trojans can only be obtained by closing operating system security holes, adopting proactive and generic security policies, and utilizing proactive technologies that are based on generic protection.&uot; THE SOLUTION eSafe Enterprise and eSafe Desktop automatically protect users against this form of Internet vandal through eSafe's exclusive Sandbox technology. eSafe's Sandbox monitors the network or PC for malicious or inappropriate activity. When abnormal activity is detected, eSafe's Sandbox technology automatically quarantines the vandal and blocks the action, preventing access to vital information and damage to network resources. Because eSafe proactively monitors all system activity, rather than scanning for pre-defined or recognized malicious code, it is able to stop vandals without the need for security patches or program updates. ABOUT ESAFE Aladdin's eSafe product suite, which includes eSafe Desktop, eSafe Enterprise and sSafe Gateway, provides the most comprehensive protection available against hostile content security threats on the Internet and gives users confidence in their ability to navigate the Internet safely. eSafe is the only comprehensive suite of content security solutions on the market to provide proactive protection from the gateway to the desktop. It also is the only one to provide Total Sandbox Quarantine(tm) protection against all forms of malicious content including viruses, vandals and worms. A unique feature found only in Aladdin's eSafe solutions, the sandbox erects a protective wall around vital system files and isolates all potentially dangerous viruses, vandals and worms in a sterile environment, preventing them from damaging, infecting or stealing from system resources (1) In a computer system, system resources are the components that provide its inherent capabilities and contribute to its overall performance. System memory, cache memory, hard disk space, IRQs and DMA channels are examples. . Much more than anti-virus protection, the eSafe suite of products enables businesses to: -- block users ability to alter vital system files, thereby reducing IT maintenance and repair costs. -- stop access to web sites with inappropriate or malicious content, such as hate literature or pornography, or those sites known to propagate viruses. -- restrict outgoing emails from sending classified or prohibited content. ABOUT ALADDIN Aladdin (NASDAQ:ALDN) is a global leader in securing digital content, from applications software to Internet use and access. Aladdin's products include HASP (Houston Automatic Spooling Program) A mainframe spooling program that provides task, job and data management functions. HASP - Houston Automatic Spooling Program and Hardlock, software security systems that protect the revenues of developers and publishers; Privilege, a software licensing platform for the Internet; the eSafe line of anti-vandal, anti-virus and content filtering See Web filtering and parental control software. software for PCs and networks connected to the Internet; and eToken for Internet security ''This article or section is being rewritten at Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software. and authentication. Aladdin serves its customers through eight offices located in the world's major software markets as well as a network of 50 distributors serving more than 100 countries. For more information, visit the Aladdin web site at www.aks.com. Note to Editors: All trademarks and registered trademarks are the property of their respective holders. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion