advertising information
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




Start-up puts hackers on BlackICE

April 22, 1999
Web posted at: 1:35 p.m. EDT (1735 GMT)

by Ellen Messmer

Network World Fusion

   Sign up for the Computer Connection email service

   Insurgency on the Internet

   For more computing stories


(IDG) -- Network Ice, a hot security start-up for intrusion detection, this June plans to ship its first software-based suite for stopping the wily hacker cold.

To protect Windows-based desktops and servers from hack attacks, Network Ice is providing software called BlackICE Pro. If BlackICE software spots evidence of mischief, it responds by alerting the user or the administrator of the problem. It can also shut down all communication to and from the source of the intrusion attempt.

BlackICE Pro software, which costs $37 per node for 1,000 nodes, will issue a report of any trouble to the Web-based security management console called ICEcap (an acronym for "consolidation, analysis and presentation").

According to Greg Gilliom, CEO of Network Ice, the ICEcap reporting engine uses a technology dubbed "Collective Awareness" to analyze the nature of the intrusion attempt. If needed, it will inform all BlackICE-protected desktops or servers if a systemic corporate-wide attack appears to be under way.

Since hackers are constantly upgrading their attack exploits, the BlackICE software is going to have to be updated regularly, much like anti-virus software, Gilliom points out. To do this, ICEcap can "push" intrusion-detection updates down to BlackICE software without disrupting computer activity.

"We detect over 200 attack signatures, such as ping sweeps or denial-of-service attacks," Gilliom claims. "We're protocol experts - we know how to exploit protocols. But we're trying to provide a system of administration and protection for small companies that aren't aware of all these issues."

Gilliom and the other Network Ice co-founders Robert Graham and Clinton Lum all held senior engineering positions at Network General (now Network Associates after its merger last year with McAfee Associates).

The BlackICE suite is host-based intrusion-detection software for Windows. The start-up is also working on an NT-based probe called BlackIce Sentry that would be able to scan for trouble Unix machines, mainframes or databases. The company has no specific shipping date for BlackIce Sentry.

  Network World Fusion home page
  Free Network World Fusion newsletters
 Reviews & in-depth info at
  Questions about computers? Let's editors help you
  Search in 12 languages
 News Radio
  Fusion audio primers
  Computerworld Minute

Network Ice Chief Technology Officer Robert Graham says that one of the most vulnerable points within the enterprise network today is that presented by the telecommuter or remote access user.

"The problem with VPNs and notebook computers is that firewalls are being bypassed by remote dial-in users," Graham says. "When we've put our software on a lot of people's machines, we see virtually everyone will undergo a hacker attack within just a few weeks."

This is because the hackers with their automated tools are targeting remote access users to find out their IP addresses or access methods in order to weasel their way into the corporate intranet, Graham claims. Therefore, even companies using VPNs or firewalls can benefit from a desktop-based intrusion-detection system used for remote access.

"We see three types of hackers out there," Graham says. "There are voyeurs, like peeping toms; graffiti artists that trash the Web site and tell their friends; and criminals who steal things, such as customer lists."

How do you define a hacker?

DOD leaders mull Internet disconnect
April 20, 1999
Hackers can turn network cameras, microphones on you
April 16, 1999
Canadian hackers attack 13 major corporate sites
April 8, 1999
Serb supporters sock it to NATO, U.S. Web sites
April 6, 1999
Infamous computer hacker pleads guilty in deal with government
March 26, 1999

DOD leaders mull Internet disconnect
(Federal Computer Week)
Network Associates ships intrusion detection and response tool
(Network World Fusion)
Serb supporters sock it to NATO and U.S. computers
(Network World Fusion)
Mitnick gets five years, eight months under plea
(InfoWorld Electric)
Cyberattacks on the rise

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

Network Ice

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.