bits and pieces

Hannibal is at the Gates

Posted by admin on Mar 16 2007

As I settle down at my computer to get started at work, I notice a flurry of emails in my inbox resulting from a recent “upgrade” to our network’s firewalls. It seems that systems have been broken and chaos has unleashed its fury for many of the unsuspecting workers here at the University. It just had me thinking about how complex our firewalls must be - deciding what data traffic to let in, and what to let out… and especially what traffic to block.

I guess certain high profile companies and institutions must always be alert for possible hacker attacks. Most of the time, I suspect there isn’t anything to worry about.

I read a recent news item about a DOS (Denial of Service) attack on the website GoDaddy.com. GoDaddy is a vendor that specializes in selling web-hosting services and domain name registrations. The president of the company was surprised at the massive attack and commented that usually they detect such activity when an unhappy customer tries to attack a specific ISP or hosting service. As a domain name registrar, they just pass the traffic on to the target host… rarely do they get attacked directly.

An unhappy customer… hmm. The world wide web is a very large space. There are literally millions of websites and servers and hosts out there. It makes sense that the attacked entities are a select few who were unlucky enough to cross the wrong person.

Still, one has to be prepared in the untimely event that someone selects us as a target for hacking. Over the years, I have noticed that my colleagues who make a living dealing with “security” issues are a seriously paranoid bunch. They remind me of a Latin saying: “Haniibal ad portas”. (literally, “Hannibal is at the gates!”) Hannibal, a celebrated military leader and tactician was in Roman times, the equivallent to the “Boogeyman”. As a security professional, I’m sure that one is always assuming that there is a “Hannibal” at the gates waiting to get in.

For the most part, I think another solution is to “lie low” or to assume a low profile on the ‘net. It doesen’t mean hiding, per se, but it does mean being careful about what one does in the public domain. Annoying or offending people is definitely a no-no. Just like road rage when driving on the highways… it may be satisfying to “get even” with some stranger on the roads, but one never knows who they’re tangling with when they start acting rude and disrespectful.

“Bad” elements abound out there in the world. When caught, some of these hackers have admitted that the only thing compelling their forays was the “challenge” to accomplish their task. It wasn’t money, but perhaps a little infamy and the satisfaction of getting into a system that originally seemed impossible. The desire for fame usually gets them caught, but isn’t it interesting to note that these career criminals hunger for a challenge.

Well, it’s time to get back to work. Until next time, Lie low, drive smart and stay safe.