Hackers' Haven

Hackers using free online tools to mask locations

Erwin Lemuel Oliva eoliva@inq7.net
INQ7.net

HACKERS are now using free online "tools" to mask the real location of attacks, a scary trend that both system administrators and law enforcer face today, a security expert said in a recent security summit in Manila.

"Hackers are now using spoofed Internet Protocol (IP) addresses to hide their real location," said Bitstop president Wilson Chua at the ManilaCon 2K5, Philippine IT Security Conference.

Hiding the real IP addresses or source of attacks poses a problem for law enforcers trying to pin down malicious hackers, Chua said.

So-called "privacy tools" have recently become available to hackers, Chua said. These tools usually allow anyone to mask their IP address with "proxy servers" available online.

The same privacy tools -- one developed by the Massachusetts Institute of Technology--even randomly picks IP addresses to confuse security experts away from pinpointing the source of attacks, Chua said.

These privacy tools are designed mainly to allow users to mask their locations, especially in cases where their governments have strong censorship policies.

"What is really scary about these tools is that it is now harder to trace back attacks. Some can eve circumvent firewalls, intrusion, detection and preventions software, and other solutions," said Chua.

There are, however, recent ways to mitigate risks of attacks coming from spoofed IP addresses, he said.

Companies could impose so-called "two-factor authentication systems" to prevent unknown IP addresses from being used to launch attacks, he suggested.

There are also recent little programs that were written to unravel spoofed IP addresses. One, written by Lars Kindermann, allows system administrators to discover the real IP addresses of attacks.

With security problems likened to moving targets, there would always be new ways to exploit computer systems, Chua said.

"Online privacy tools can be used in a good or bad way. Right now, IP spoofing is something that scares us today," he said. "But we already have some solutions available to unmask the real locations of attacks."