BNET UK
silicon.com
ZDNet UK

Home
News
Blogs
Reviews
Videos
Jobs
Resources
Community

Leader
Comment
White Papers
Downloads
Special Reports

Hardware
Software
Communications
Internet
Security
IT Management
Emerging Tech
Leader

Group Blogs
News Blog
Post Room
Rupert's Diary

Hardware Reviews
Software Reviews
Editors' Choice
Buyer's Guides
Tech Guides
Competitions

Dialogue Box
Security threats
Server platforms
Mobile devices
Application development
Full video index

Articles
White Papers
Downloads
Companies
Broadband Speed Test

People
Competitions
Post Room
FAQ

You are here: ZDNet UK > News > IT Management

Industry watch Toolkit

Hacker helps Excite@Home toughen defences

Tags:
Netcrime,
Security,
Adrien Lamo,
Securityfocus

Robert Lemos, ZDNet News ZDNet US

Published: 30 May 2001 10:48 BST

Not all hackers are bad -- just ask Excite@Home. The company shored up its online defences after a hacker pointed out a vulnerability in April that allowed access to the company's internal network and exposed nearly 3 million support records to the public.

The company praised the hacker -- known by the alias "Adrien Lamo" -- for coming forward after he poked around their network.

Lamo contacted the company nearly two months ago after he discovered a server that could be used by would-be attackers to get into portions of the Excite@Home corporate network. Among the accessible data was a customer support database of users, their machine configurations and their addresses, Excite@Home spokeswoman Londonne Corder said.

However, no credit card information was in the database, she stressed, and because of Lamo's aid, no records were accessed by others. Lamo first found the network vulnerability in March, she said.

The details of the breach were first reported by security site SecurityFocus.com, which had been contacted by Lamo.

Lamo is "someone who tries to uncover security holes with good intentions -- to show us where we had some security holes, so those could be fixed", Corder said. While not a first, a collaboration like Excite@Home's cooperation with a hacker to secure its network is rare.

Despite the open source movement underscoring the historic definition of hackers as curious -- if unconventional -- researchers, companies have been frequently leery of associating with anyone who considers themselves one.

Yet, the Excite@Home network seems a bit more secure today because of the cooperation.

"After meeting with Lamo, we took steps to further secure the corporate network by installing firewalls, restricting access to the network, implementing programs to prevent denial-of-service attacks, and adding hardware and software designed to detect and prevent security breaches," Corder said.

Is your PC safe? Find out in ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

Did you find this article useful?
42 out of 108 people found this useful

Share this article:
Digg
Slashdot
Del.ici.ous
Stumble
Reddit

Company/Topic Alerts

Create a new alert from the list below:

hackers
securityfocus
netcrime

excite@home
adrien lamo
Security

Most Recent
Most Popular

Discussions

Copyright in a new light

Friday 18 December 2009, 3:54 AM

2 comments

exceldigital

View All

Discussions

View All

Video

Install Flash Player plugin

Find out more: From The Labs: Sniffing the...

Amazon CTO on the benefits of the cloud
From The Labs: The first Android netbook?
Salesforce demos Service Cloud 2

All videos
Most popular videos
Latest videos

Featured Talkback

In association with Network Liberation Movement

When all is said, if Microsoft produce the best product people will buy it and thats a good thing. If people have to buy their product because no one else can produce an alternative, only because interoperability protocols are kept secret, then thats a bad thing.