Computer Repair HP Printer Repairing
H2Esp Houston Texas

If someone's trying to gain unlawful access into your network, or into one of your servers, it's always a good thing to know about it. For some networks, this is a rare occurrence. For others, it is an every day event averaging  hack attempt once every 4.5 minutes against its network. There are a multitude of packages out there to help monitor your network for these attacks. 

Trojans are "back doors" into a system. A hacker may disguise a trojan as another program, or game, in order to 'trick' a user into installing it on their system. The most famous of these trojans to date is probably Back Orifice by the Cult of the Dead Cow. This trojan was believed to have infected thousands of computers around the world.

Once installed, a hacker may have access to all of the files on your hard drive, be able to delete or create files, open your cd-rom drive, reboot your computer, make pop-up messages appear, or do any other host of things.

An Intrusion Detection System (IDS) attempts to watch a network or system for incoming attacks, or for malicious or unauthorized use of network or system resources. Typically, an IDS acts as an informant, rather than a policing agent, for a network. There are several IDS's on the market, for example one of the IDS's we use is Real Secure by Internet Security Systems.

Denial of Service Attacks (DOS, not to be confused with the operating system) are a set of attacks designed to prohibit users from accessing any given network based resource. Common DOS attacks have included: teardrop, synfloods, and winnuke. 

So, how can you tell if someone's attacking you, and if someone is, how can you tell who? There are several "detectors" available for windows based operating systems. This software monitors ports which are commonly the target of DOS attacks, and notifies you when it detects a potential attack. It can even help you to determine who's doing the attacking. 

MS Source Code Laid Bare
February 13, 2004
By Pedro Hernandez

News broke yesterday among IT community boards and Windows enthusiast sites of a source code leak affecting Microsoft. More specifically, code that exposes some of the inner workings of Windows NT 4 and 2000.

While only a fast spreading rumor sparked by NeoWin.com yesterday evening, the software giant has since confirmed that indeed portions of the code "were illegally made available on the Internet."

Microsoft makes much of its most important source code available to a host of governmental, educational and corporate organizations under strict confidentiality agreements. Identifying the source of the leak may take time and according to the software giant, they "take such activity very seriously. We are currently investigating these postings and are working with the appropriate law-enforcement authorities."

"At this point it does not appear that this is the result of any breach of Microsoft's corporate network or internal security," said the official statement, confirming that the company doesn't believe they were hacked and that the code was pilfered from their systems.

BetaNews is reporting that software maker Mainsoft is the probable cause of the leak. An analysis of the files bears several mentions of the company and fingerprints of the machine used by Eyal Alaluf, the company's Director of Technology.

One obvious concern is the security of end users. The company states that for the moment the code leak has had no "known impact" but it will keep an eye on the situation.

A picture of what parts of code are being spread across the Internet is still being determined. However, the compressed package is approximately 200 MB, 650 MB decompressed, implying that only a portion of the full source is being out in the wild.

Al Gillen, IDC research director, told sister-site internetnews.com, "That all has to be answered before you can even start to assess how serious it is for Microsoft." The full source weighs in at 40 million lines of code. Gillen ads that "I don't think that someone is going to zip that up and send it around."

According to "The New Hacker's Dictionary - third edition" compiled by Eric S. Raymond:

cracker n. - One who breaks security on a system. Coined ca. 1985 by hackers in defense against journalistic misuse of hacker. While it is expected that any real hacker will have done some playful cracking and knows many of the basic techniques, anyone past larval stage is expected to have outgrown the desire to do so except for immediate, benign, practical reasons (for example, if it's necessary to get around some security in order to get some work done).

hacker n. - A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
~
Whether your company is looking to reduce costs, increase customer satisfaction, reduce risks, or empower employees, information technology can provide the tools to support your corporate strategies. H2Esp Business and Technology has the solutions that address key business concerns commonly held by medium and large businesses. These solutions consist of technology products that work well together, beginning-to-end services from assessment and cost validation to design and implementation, as well as lab-tested best practices.

| Home | Contact Us | Business Intranet | Servers | Remote Access | Back-Ups | IT Solutions |