advertising information
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




Fight holiday hacker mischief with these tips

December 22, 1998
Web posted at: 1:20 PM EST

by Stuart McClure & Joel Scambray


(IDG) -- Last week's exploration of the impact of Trojan code such as Netbus (see "Netbus hacker tool presents a greater threat to Windows shops than BackOrifice,) got us thinking: What better time of year than the holidays for a planned epidemic of Internet mischief?

Envision with us a dancing Santa JPEG that silently wipes your hard drive clean when you click on an innocuous-looking electronic greeting card attachment.

How about a Web site link to an animated Rudolph Java file that recites "ho, ho, ho!" while a hidden executable installs BackOrifice and broadcasts your IP address to a well-trodden hacker chat room.

  InfoWorld home page
  InfoWorld forums home page
  InfoWorld Internet commerce section
  Get Media Grok and The Industry Standard Intelligencer delivered for free
 Reviews & in-depth info at's personal news page
  Subscribe to's free daily newsletter for IT leaders
  Questions about computers? Let's editors help you
  Search in 12 languages
 News Radio
  Fusion audio primers
  Computerworld Minute

Maybe you don't ever open those troublemakers on production machines, but what about your users?

With this in mind, here are a few tips to make this season a safe one for your network, and some pointers to products and technologies that will keep you free of hostile code hassles throughout the new year.

Web resources

The respected mobile-code security experts at Finjan recently made available a helpful list of tips to assist network administrators in dealing with the deluge of holiday goodwill sure to come flooding across their networks ( These are mostly basic precautions, but they are nonetheless important to consider. You might even want to distribute these tips to your user community. Some of these issues, such as shopping on the Net at work instead of home or using browser history files to track the source of miscreant downloads, are good policy for any company.

Finjan also recommends that network users become aware of many recent security flaws discovered in commercial Web browsers that could allow malicious content to drop down chimneys across the corporate landscape. Check out for an updated list of security vulnerabilities in Microsoft's Internet Explorer and for Netscape's security bulletins.

Product helpers

Who can forget the recent flare-up of e-mail client buffer-overflow exploits and JavaScript bugs that affected Explorer, Navigator, and Qualcomm's Eudora? We've recently been bombarded by a number of press releases from the likes of Content Technologies, Worldtalk, and Sybari Software, which offer products to keep your e-mail server security as clean as December snow. Perhaps they've been gearing up in anticipation of the hefty payload of holiday-related executable content that will likely flood potential customers running mail servers with thousands of users.

Of course, one of the best places to apply a content-based security strategy is at the corporate firewall. Indeed, we look forward to an early Christmas present from the multivendor initiative behind the Common Content Inspection API, which is aimed at hammering out a unified mechanism for inspecting content that's traversing firewalls. The contribution of Check Point's Content Vectoring Protocol API to the group should also prove interesting. Stay tuned to for updates. Those interested in the development side of content security should check out 12 rules for writing security-critical Java code, by which all Java developers should abide. Gary McGraw and Edward Felten, the authors of this list, maintain a Java security resource page at Felten has also placed a page comparing Java and ActiveX security at Microsoft's thoughts on software component security can be found at

False alarms

Now that we've got your eggnog curdled with content-security nightmares, we should remind everyone that this time of year also brings with it an increase in the number of hoaxes and false alarms about malicious viruses and other crank code. It's important to be informed about these issues and be prepared for that terrified user's inevitable forwarded e-mail with the subject line "Don't open this mail attachment!" -- asking you for advice.

If you have some time, you can check out the Computer Emergency Response Team at Carnegie Mellon University for vulnerability confirmation, and Finjan, Network Associates, or Symantec's AntiVirus Research Center for virus hoaxes.

Do the holidays look as appealing to your support staff as a fruitcake from 1985? Send us your nonexecutable holiday greetings at

Stuart McClure, a senior manager at Ernst & Young's Information Security Services, and InfoWorld Technology Analyst Joel Scambray have managed information security in academic, corporate, and government environments for the past nine years.

Related stories:
Latest Headlines

Today on CNN

Related stories:

Note: Pages will open in a new browser window Related sites:

External sites are not
endorsed by CNN Interactive.

Enter keyword(s)   go    help


Back to the top
© 2000 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.