◆ SpookStack

Full Text Artick December 01.wpd Page 2] b6 -1 b7C -1 documentation to MSNBC.com to support the claim. Lamo first contacted MCI Worldcom Friday through an intermediary, Kevin Poulsen, a writer for computer security Web site SecurityFocus.com. Lamo said MCI Worldcom responded. quickly to close the hole. "They pulled people in off other projects and worked through the weekend with me," he said. The root of the problem at MCI Worldcom is common in many businesses, Lamo said -- most systems don't provide enough internal security. Once he was able to break into a common Web server, that machine had a "trust" relationship with other machines on the network, allowing Lamo to "escalate" his privileges and his attack. "It's a problem to have a machine facing the outside world, but also trusted by an internal network," he said. Similarly, internal employees often have more access to critical networks than necessary Even if such employees would never do anything to compromise the company themseIves, their access rights are another point of attack for hackers. "A lot of time there is an inappropriate degree of trust given to users who appear to be internal," Lamo said. NOT THE FIRST TIME The researcher is no stranger to high-profile security warnings. Earlier this year, he found a way to alter news stories on Yahoo.com's Web site. Last year, he found a way to break into AOL. Instant Messenger accounts. In each case, he warned the company and, in an unusual bit of hacker forthrightness, used his real name. Hackers generally use pseudonyms out of fear of retribution or prosecution. Computer Security Advisory Site Suffers Attack By Brian McWilliams, Newsbytes 5 Dec 2001 The Web site of the Computer Emergency Response Team (CERT) is undergoing a distributed denial of service attack, officials at the federally funded computer security clearinghouse confirmed today. As a result of the attack, the CERT.org site was intermittently unreachable today for many Internet users. CERT, Iocated at Carnegie Mellon University, provides advisories and other information about. security vulnerabilities as well as serving as a coordination center for reports of security incidents. A CERT representative declined to provide details about the nature of the attack. A new Internet worm known as Goner, which contains a denial of service component, was not responsible for the attack on CERT.org, the official added. FBI(19-cv-1495)-9969