From...

February 16, 2000
Web posted at: 8:30 a.m. EST (1330 GMT)

by Bob Brewin

(IDG) -- The National Infrastructure Protection Center anticipated the kind of massive denial-of-service attacks that crippled a number of electronic commerce sites last week and offered a free software tool to help detect the software "demons or zombies" used to carry out those attacks. But few Internet Service Providers or World Wide Web-based companies downloaded the tool from the NIPC Web site.

Michael Vatis, NIPC director, said the FBI-managed NIPC anticipated the denial-of-service attacks over the New Year --

	MESSAGE BOARD
Insurgency on the Internet
	RESOURCES
Check here to see how a denial of service attack works.
	ALSO
FBI investigation swamped with tips, continue to seek Midwest 'Coolio' Reno, Freeh: Hacker search riddled with difficulties Clinton administration develops Internet security proposals as investigators pursue hackers

expecting that hackers would take advantage of Year 2000 date code concerns and confusion to launch such attacks -- but few ISPs or Web sites took advantage of the availability of the tool. This "is the first time in history the FBI has given away software," Vatis said. But, prior to last week's attacks, he said "only 2,600" individuals downloaded the software.

The tool enables system administrators to detect demons or zombies that hackers surreptitiously inserted into network servers and then remotely triggered to launch the attacks last week.

Three users who downloaded the software detected the attack code, notified NIPC "and we opened cases," said Vatis, interviewed at last week's West 2000 conference in San Diego sponsored by the Armed Forces Communications and Electronics Association and the U.S. Naval Institute. Vatis declined to say what progress -- if any -- the FBI has made with those criminal cases. He added that he suspected that the number of downloads of the free software tool had sharply increased since the e-commerce attacks.