Netsurfer Digest: Vol. 04, #29

Robert Hettinga rah at shipwright.com
Fri Oct 2 16:37:19 PDT 1998




--- begin forwarded text


From: editor-bounce at netsurf.com
Date: Fri, 2 Oct 1998 19:22:38 -0700 (PDT)
X-Authentication-Warning: smtp2.zocalo.net: editor set sender to
editor-bounce at netsurf.com using -f
Subject: Netsurfer Digest: Vol. 04, #29
Mime-Version: 1.0
Precedence: bulk

NETSURFER DIGEST
More Signal, Less Noise Volume 04, Issue 29
Wednesday, September 30, 1998

<snip>

BREAKING SURF

Credit Card Data Compromised at Online Auction Sites

Mark Dodd owns AuctionWatch, a neat auction site information center. He was
running searches on the major search engines and by sheer accident
uncovered a security hole in some software used by many of the online
auction houses. It's a big one, too. If the auction site misconfigures its
software, and apparently many do, the first happy hacker to come along can
steal its customers' credit card numbers and addresses. Mark went to CNet
with the story, which warned many of the affected sites of the potential
havoc and scooped up a good story in the process. Remember, the safety of
your credit card data is only as good as the security savvy of the
webmaster guarding it. AuctionWatch: <http://www.auctionwatch.com/>
http://www.auctionwatch.com/
CNet: <http://www.news.com/SpecialFeatures/0,5,26760,00.html>
http://www.news.com/SpecialFeatures/0,5,26760,00.html

<http://adex3.flycast.com/server/socket/127.0.0.1:2800/click/NetsurferDigest/int
ernetnews/123456>
New Hacker Tactic: Slow, Coordinated Attacks from Multiple Locations

A clever new twist in the evolutionary arms race between hackers and online
security forces gives us an excuse to bring you this fascinating Web site.
Hackers, it seems, have discovered herding behavior. Their latest tactic is
to coordinate probes and attacks against online sites from a large number
of separate machines and over a long period of time. By limiting probes to
rates as low as two per hour and dispersing their sources, hackers can
probe beneath current security software's threshold of detection. The Navy
Cooperative Intrusion Detection Evaluation and Response team (CIDER) just
released a report on the technique. The CIDER site is also worth visiting
for information on security and intrusion detection software projects,
notably a database comparing commercial and government tools. Cool spook
stuff. CIDER: <http://www.nswc.navy.mil/ISSEC/CID/>
http://www.nswc.navy.mil/ISSEC/CID/
Report: <http://www.nswc.navy.mil/ISSEC/CID/co-ordinated_analysis.txt>
http://www.nswc.navy.mil/ISSEC/CID/co-ordinated_analysis.txt

<snip>

CONTACT AND SUBSCRIPTION INFORMATION
Netsurfer Digest Home Page:
Subscribe, Unsubscribe:
Frequently Asked Questions:
Submission of Newsworthy Items:
Letters to the Editor:
Advertiser and Sponsor Inquiries:
Netsurfer Communications:
<http://www.netsurf.com/nsd/>http://www.netsurf.com/nsd/
<http://www.netsurf.com/nsd/subscribe.html>http://www.netsurf.com/nsd/subscribe.
html
<http://www.netsurf.com/nsd/ndfaq.html>http://www.netsurf.com/nsd/ndfaq.html
<mailto:pressroom at netsurf.com>pressroom at netsurf.com
<mailto:editor at netsurf.com>editor at netsurf.com
<mailto:sales at netsurf.com>sales at netsurf.com
<http://www.netsurf.com/>http://www.netsurf.com/
CREDITS
Publisher: Arthur Bebak
Editor: Lawrence Nyveen
Contributing Editor:
Production Manager: Bill Woodcock
Copy Editor: Elvi Dalgaard

Netsurfer Communications, Inc.

President: Arthur Bebak
Vice President: S.M. Lieu

Writers and Netsurfers:

Sue Abbott
Regan Avery
Kirsty Brooks
Judith David
Joanne Eglash
Lisa Hamilton
Jay Mills
Elizabeth Rollins
Kenneth Schulze


NETSURFER DIGEST © 1998 Netsurfer Communications, Inc. All rights reserved.
NETSURFER DIGEST is a trademark of Netsurfer Communications, Inc.



--- end forwarded text


-----------------
Robert A. Hettinga <mailto: rah at philodox.com>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'






More information about the cypherpunks-legacy mailing list