Hack Attack Feedback: Sites Still at Great Risk

 
 
By Eric Lundquist  |  Posted 2002-10-28 Email Print this article Print
 
 
 
 
 
 
 

This year's test focuses on the problem-prone area of application-level security.

Early last week, a bunch of unknown hackers launched a brute-force attack against the 13 computer sites that run the Internet. This digital equivalent of the human-wave attacks of physical war staggered seven of the sites, but the Internet kept running, with most users unaware of the assault. Thats the good news. The bad news is that a combination of a slightly more sophisticated hack attack and a really unsophisticated attack by a couple of bad guys with backhoes still presents a danger to the Internet, upon which more and more of our social and economic lives depend.

In this weeks issue, we highlight our fourth OpenHack contest. This years test focuses on application-level security, an increasingly problem-prone area that, in fact, was the downfall of OpenHacks 1 and 2. Microsoft and Oracle have done their best to hack-proof an application built by eWeek Labs and hosted at openhack.com. As of last week, aside from the exploitation of two cross-site scripting vulnerabilities, the site remained unbroken. We use these tests to enable you to understand the latest hack attacks and defenses—without putting your site at risk to do so. Well leave it to someone else to figure out how to defend against those backhoes. For the latest on OpenHack 4, see Tim Dycks article, "Crack in OpenHack."

In "ICANN Targets DDoS Attacks," Dennis Fisher delves into the attack on those Internet root servers and asks what changes are being considered to help defend against future attacks. One program under consideration by the federal government—to buy service only from providers that install added security features—could force ISPs to upgrade security.

Also in this issue, Peter Coffee reports from the annual Microprocessor Forum in San Jose on the future of processor development and all those 64-bit claims by processor vendors. As Peter explains in his article, the comments and presentations at the forum suggest a shift of power from technology providers to technology buyers. See "CPU Power Push" for the latest analysis of processor offerings from Intel, AMD, Motorola and Centaur. An accompanying article by Jason Brooks looks at processor requirements for the next round of handheld devices.

And what software will those devices be running? Certainly, Microsoft would like to see lots of smart devices running Windows CE. In "Microsoft Thinks Small," Peter Galli and Carmen Nobel give us the scoop on an operating system, code-named McKendric, that is aimed a range of products, including VOIP phones.

Is your site as safe as you think? Write to me at eric_lundquist@ziffdavis.com.

 
 
 
 
Since 1996, Eric Lundquist has been Editor in Chief of eWEEK, which includes domestic, international and online editions. As eWEEK's EIC, Lundquist oversees a staff of nearly 40 editors, reporters and Labs analysts covering product, services and companies in the high-technology community. He is a frequent speaker at industry gatherings and user events and sits on numerous advisory boards. Eric writes the popular weekly column, 'Up Front,' and he is a confidant of eWEEK's Spencer F. Katt gossip columnist.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel