Few downloaded FBI tool to detect e-commerce attacks

The National Infrastructure Protection Center anticipated the kind of massive denial-of-service attacks that crippled a number of commercial electronic commerce sites last week and offered a free software tool to help detect the software "demons or zombies" used to carry out those attacks. But few Internet Service Providers or World Wide Web-based companies downloaded the tool from the NIPC Web site.

Michael Vatis, NIPC director, said the FBI-managed NIPC anticipated the denial-of-service attacks over the New Year — expecting that hackers would take advantage of Year 2000 date code concerns and confusion to launch such attacks — but few ISPs or Web sites took advantage of the availability of the tool. This "is the first time in history the FBI has given away software," Vatis said. But, prior to last week's attacks, he said "only 2,600" individuals downloaded the software.

The tool enables system administrators to detect demons or zombies that hackers surreptitiously inserted into network servers and then remotely triggered to launch the attacks last week.

Three users who downloaded the software detected the attack code, notified NIPC "and we opened cases," said Vatis, interviewed at last week's West 2000 conference in San Diego sponsored by the Armed Forces Communications and Electronics Association and the U.S. Naval Institute. Vatis declined to say what progress — if any — the FBI has made with those criminal cases. He added that he suspected that the number of downloads of the free software tool had sharply increased since the e-commerce attacks.