Grid computing boosts hacker network - TechUpdate

Tech Update

Grid computing boosts hacker network
By Wayne Rash
March 11, 2002

Add your opinion

Forward in

Format for

Just before I start writing, I look at the colorful blocks and jagged lines of the SETI at Home screen saver that runs on my workstation.

SETI at Home is a distributed computing application that divides a massive signal processing problem into tiny segments and sends them to millions of computers worldwide. Since SETI's inception, many other distributed--or grid--computing projects have begun work, and vendors such as Sun, IBM, and Compaq have jumped into the fray.

One particular project, however, has nefarious intentions. A worldwide hacker confederation is quietly setting up a global, real-time, peer-to-peer grid of processing power to crack encryption--especially passwords--used in commerce.

Cracking passwords is not an easy task; you need a huge amount of computing power to get results. Grid computing, however, gives hackers the horsepower they need in an unprecedented way.

Here's how it works: Hackers send clients into your system via a worm, or through any other site that's been hacked or intentionally set up to run programs on your PC remotely. Or, a user downloads a screensaver from any of the sites that let you share computing assets.

After the clients are inside users' machines, they lend processing power to the encryption-cracking effort. The hacker clients sniff the password and user IDs from a stream going to a commerce site. With all that processing power, it doesn't take very long to encrypt a password; you could crack the average seven-character password in about an hour if you had 160 computers working on it.

Worse, these clients don’t stop using resources when you start working; they take advantage of the real-time connections in a corporate environment and continue cracking.

To guard your computing power, make sure your firewall is set to stop outgoing traffic on ports and by unauthorized applications. Use strong passwords (eight really random characters will do) and change them regularly. Also, deploy auditing software that will search for unauthorized applications--including those that may contribute to a hacker network.

If you decide you don’t mind contributing some of your computing resources, make sure you know who’s really behind the effort. SETI at Home is backed by the University of California at Berkeley, but not every backer is legitimate.

Do you plan to use network grid computing in the near future? E-mail me or talk back below.

TECH UPDATE TODAY DAILY:
Dan Farber and David Berlind deliver daily insights on the business and technology news that matters to enterprise IT.

	Enterprise Alerts
	Surveys
	Computers: Desktops & Laptops
	IT Management
	Security
	IT Professionals

Manage My Newsletters

Help | Advertisements | Feedback | Reprints | Newsletters

New site: Monitor all the tech news at Technology.Updates.com

CNET.com | CNET Download.com | CNET News.com | CNET Reviews | CNET Shopper.com

About CNET Networks