[36879] in North American Network Operators' Group
RE: Chinese hackers attack - Risk Assessment?
daemon@ATHENA.MIT.EDU (Petri Stephen)
Mon Apr 23 16:58:49 2001
Message-ID: <56FFA01C212CD511BF8D00D0B712450C01B51561@2mtcxch02.nycps.k12.ny.us>
From: Petri Stephen <Stephen.Petri@nycboe.net>
To: nanog@merit.edu
Date: Mon, 23 Apr 2001 16:56:03 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
So far I've only seen this reported on Wired. The questions is; how serious
is this threat? Any thoughts?
Stephen Petri
-----Original Message-----
From: Rob Healey [mailto:rhealey@onvoy.com]
Sent: Friday, April 20, 2001 1:18 PM
To: Petri Stephen
Cc: nanog@merit.edu
Subject: Re: Chinese hackers plan week-long attack on American websites
and ne tworks
> .....As China and the United States attempt to peacefully end their
> diplomatic standoff ...........crackers from both countries continue to
wage
> private wars on the Internet.
>
> ......Chinese hackers are now vowing to retaliate with a planned week-long
> all-out crack attack on American websites and networks which will start on
> May 1. .......
>
> http://www.wired.com/news/politics/0,1283,43134,00.html?tw=wn20010419
>
Hmmm, we've been seeing picked up activity from Chinese sites for
well over a week now.
They seem to be biased toward x86/Linux hacks/holes for now judging
from attack analysis.
General Port scan, DNS, HTTP and RPC hacks as well although
specific buffer overflow/breakin code seems to be exclusively x86
for
now.
I suppose Solaris SPARC will soon follow as well as the x86 BSD's.
-Rob
--
Rob Healey rhealey@onvoy.com
NE II
ONVOY Core of Engineers
Onvoy Phone (612) 362-5823
2829 University Avenue, S.E. Problems (612) 362-5800
Minneapolis, MN 55414 FAX (612) 362-5899
