New Security Tool Aims to Sniff Out Hackers

Independent online security firm and think tank L0pht Heavy Industries has released an advanced intrusion detection program designed to augment computer network integrity and protect systems against attacks from hackers.

The product works by alerting users to a hacker/cracker-related or other system compromise. “AntiSniff is a whole new breed of network security tool, designed to detect the attack patterns used in compromising a computer network, instead of merely being reactive to already known vulnerabilities,” commented Dr. Mudge, chief scientist for L0pht.

AntiSniff, currently in beta version for Windows NT, is freely available to anyone who would like to download it from the company’s official Web site.

Do You Feel Like Someone Is Eavesdropping On You?

“Network communication can be likened to a large group of people standing together in a room and talking,” according to an L0pht statement. “When people talk to each other, others have the ability to listen in.”

Attackers have tools such as “packet sniffers” that give them the ability to monitor a computer network, accessing confidential e-mails, account names, passwords and credit card information. “AntiSniff works by running a number of non-intrusive tests, in a variety of fashions, which can determine whether or not a remote computer is listening in on network communications,” added Mudge.

The commercial release of AntiSniff, for both NT and UNIX, will be available later in the summer. Founded in 1992, L0pht Heavy Industries has developed and currently markets L0phtCrack, an NT password auditing tool. In addition, the company issues security advisories for individuals and businesses through its Web site.

Threats To E-Commerce

A recent study — conducted by Information Security Magazine — indicated that e-commerce operations are 57 percent more likely to experience a security breach than other online sites. Additionally, e-commerce sites are 24 percent more likely to be the target of a hacker/cracker attack.

Cult of the Dead Cow (CDC), the controversial hacker/cracker group that recently released the Back Orifice 2000 trojan program, has indicated that current security options available to e-commerce companies are inadequate.

According to a ZDNet report, CDC is working on its own security product — the CDC Protector — designed to block both viruses and trojan horse programs. With CDC’s forthcoming security solution, users are advised of anything unusual that occurs.

CDC spokesperson Sir Dystic has said his hopes are that the actions of his organization will force software vendors to release higher quality and more secure products.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

LinuxInsider Channels