advertising information

CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet

 DISCUSSION:
 message boards
 chat
 feedback

 SITE GUIDES:
 help
 contents
 search

 FASTER ACCESS:
 europe
 japan

 WEB SERVICES:
COMPUTING

Start-up puts hackers on BlackICE

April 22, 1999
Web posted at: 1:35 p.m. EDT (1735 GMT)

by Ellen Messmer

From...
Network World Fusion
hackers

 ALSO:
   Sign up for the Computer Connection email service

   Insurgency on the Internet

   For more computing stories

  

(IDG) -- Network Ice, a hot security start-up for intrusion detection, this June plans to ship its first software-based suite for stopping the wily hacker cold.

To protect Windows-based desktops and servers from hack attacks, Network Ice is providing software called BlackICE Pro. If BlackICE software spots evidence of mischief, it responds by alerting the user or the administrator of the problem. It can also shut down all communication to and from the source of the intrusion attempt.

BlackICE Pro software, which costs $37 per node for 1,000 nodes, will issue a report of any trouble to the Web-based security management console called ICEcap (an acronym for "consolidation, analysis and presentation").

According to Greg Gilliom, CEO of Network Ice, the ICEcap reporting engine uses a technology dubbed "Collective Awareness" to analyze the nature of the intrusion attempt. If needed, it will inform all BlackICE-protected desktops or servers if a systemic corporate-wide attack appears to be under way.

Since hackers are constantly upgrading their attack exploits, the BlackICE software is going to have to be updated regularly, much like anti-virus software, Gilliom points out. To do this, ICEcap can "push" intrusion-detection updates down to BlackICE software without disrupting computer activity.

"We detect over 200 attack signatures, such as ping sweeps or denial-of-service attacks," Gilliom claims. "We're protocol experts - we know how to exploit protocols. But we're trying to provide a system of administration and protection for small companies that aren't aware of all these issues."

Gilliom and the other Network Ice co-founders Robert Graham and Clinton Lum all held senior engineering positions at Network General (now Network Associates after its merger last year with McAfee Associates).

The BlackICE suite is host-based intrusion-detection software for Windows. The start-up is also working on an NT-based probe called BlackIce Sentry that would be able to scan for trouble Unix machines, mainframes or databases. The company has no specific shipping date for BlackIce Sentry.

MORE COMPUTING INTELLIGENCE
  IDG.net home page
  Network World Fusion home page
  Free Network World Fusion newsletters
 Reviews & in-depth info at IDG.net
 
 
  Questions about computers? Let IDG.net's editors help you
  Search IDG.net in 12 languages
 News Radio
  Fusion audio primers
  Computerworld Minute
   

Network Ice Chief Technology Officer Robert Graham says that one of the most vulnerable points within the enterprise network today is that presented by the telecommuter or remote access user.

"The problem with VPNs and notebook computers is that firewalls are being bypassed by remote dial-in users," Graham says. "When we've put our software on a lot of people's machines, we see virtually everyone will undergo a hacker attack within just a few weeks."

This is because the hackers with their automated tools are targeting remote access users to find out their IP addresses or access methods in order to weasel their way into the corporate intranet, Graham claims. Therefore, even companies using VPNs or firewalls can benefit from a desktop-based intrusion-detection system used for remote access.

"We see three types of hackers out there," Graham says. "There are voyeurs, like peeping toms; graffiti artists that trash the Web site and tell their friends; and criminals who steal things, such as customer lists."



MESSAGE BOARD:
How do you define a hacker?

RELATED STORIES:
DOD leaders mull Internet disconnect
April 20, 1999
Hackers can turn network cameras, microphones on you
April 16, 1999
Canadian hackers attack 13 major corporate sites
April 8, 1999
Serb supporters sock it to NATO, U.S. Web sites
April 6, 1999
Infamous computer hacker pleads guilty in deal with government
March 26, 1999

RELATED IDG.net STORIES:
DOD leaders mull Internet disconnect
(Federal Computer Week)
Network Associates ships intrusion detection and response tool
(Network World Fusion)
Serb supporters sock it to NATO and U.S. computers
(Network World Fusion)
Mitnick gets five years, eight months under plea
(InfoWorld Electric)
Cyberattacks on the rise
(Computerworld)

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


RELATED SITES:
Network Ice

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.