NEW YORK "Satan" proved tempting to computer users Wednesday.
Traffic on the global computer network Internet soared ascomputer users - some no doubt with malicious intent - raced to gainaccess to a new program called Satan that exposes weaknesses incorporate computer networks.
Administrators eagerly sought the program to strengthen theirnetworks against hackers. Hackers were believed to be after it tofind and exploit the very weaknesses Satan detects.
"We have some of our network staff that have Internet accesstrying to get their hands on it this afternoon," said Rich Castor,manager of information systems for Blue Bell, Pa.-based U.S.Healthcare Inc.
"It will identify some weakness that we might have; we'llcorrect them and it will raise the bar," Castor said.
Castor said the Satan scare is similar to that raised by recenthacker efforts to paralyze computer systems with viruses.
In just an hour, a hacker using Satan could use uncorrecteddeficiencies in a network to view sensitive information, for example,or set up an account allowing permanent access, computer expertssaid. That would let hackers roam freely among computer networks atbanks, brokerages, aircraft makers and other organizations.
There are plenty of weaknesses to exploit in many networks. Butit takes technical expertise and knowledge about how a network is setup for a hacker to break into a computer system currently.
Satan is easy to install and use, say people who have used it.It still requires technical expertise as well as a Unix computer, atype used mostly by computer science students and engineers.
"It works pretty well. It installs easily. I am running it aswe speak," said Roger Safian, director of the Computer EmergencyResponse Team at Northwestern University in Evanston.
Satan stands for Security Administrators Tool for AnalyzingNetworks. Its presence made computer security experts at severalcompanies edgy Wednesday. "We'd rather not comment," said BartSotnick, spokesman for the New York Federal Reserve.
Officials at major financial institutions, including investmentbank Merrill Lynch & Co. and insurer Lincoln National Corp., saidthey will review the program but wouldn't say whether they have acopy or have used it.
Companies that have it were even more reluctant to discuss it."It's not our practice to discuss security issues," said aspokeswoman at General Electric Co.
Computer security experts at Lawrence Livermore NationalLaboratory near San Francisco developed a program that alertscomputer operators to Satan attacks. The program, dubbed Courtney,sounds an alarm and identifies the computer where the intrusionoriginated. It also is available free on the Internet.
Satan became available free at 11 a.m. Chicago time to anycomputer user with an Internet connection. Several indicators ofInternet traffic, or how much data flows through the network, surgedas computer users roamed the network seeking copies of Satan.
Two key computer systems that search for programs for Internetusers were overwhelmed with requests and temporarily shut down.
Satan was available at one computer site in the Netherlands inthe early afternoon. Copies of the program appeared on at least 50computer sites around the world by midafternoon, computer users whohad searched for it said.
"There's definitely a race to get Satan," said Mike Volk,computer network manager at publisher Princeton University Press.
The program was designed and apparently placed on the Internetby Dan Farmer, a programmer who recently left Silicon Graphics Inc.in a dispute over his desire to distribute the software for free.
Farmer, who lives in San Francisco, developed Satan with WietseVenema, a security expert at the University of Eindhoven in theNetherlands.
They first planned to release the program on April 1. Butbecause that was Saturday, they pushed the release date to April 5,Farmer's 33rd birthday.
Farmer has said he created the program to help networkadministrators find and patch weaknesses in networks that maycontain tens of thousands of computers.
Contributing: Associated Press
Комментариев нет:
Отправить комментарий