RealNews

Mysterious Net traffic spurs code hunt

Worm? Trojan? Attack tool? Network administrators and security experts continue to search for the cause of an increasing amount of odd data that has been detected on the Internet. Security software firm Internet Security Systems (ISS) last Thursday declared victory, saying that a new hacker tool that scans for paths into public networks was responsible. But many other security professionals–including those at Intrusec, the company that originally tracked down the hard-to-find code–believe that ISS jumped the gun. The real culprit likely is still out there, said David J. Meltzer, founder and chief technology officer of Roswell, Ga.-based Intrusec. “It is possible that (the tool’s code) is causing some of this traffic,” Meltzer said. However, he added, key differences between the data that was captured by security professionals and data created by the code suggest that the hacker tool isn’t the original culprit. “That would leave us to believe that there is something out there that is creating the (data) packets that isn’t this Trojan.” However, the security researcher hastened to add that the traffic seen by network administrators isn’t ominous. It merely has piqued the curiosity of quite a few researchers. “I don’t think it is a serious threat because it’s not self-replicating,” Meltzer said. “And it hasn’t caused serious disruptions to anyone.” Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.