WELLESLEY, MASSACHUSETTS, U.S.A., 1998 MAY 28 (Newsbytes) -- By 
Jacqueline Emigh, Newsbytes. Network "cracking" is evolving in a more 
malicious direction, while adding specialty areas like "fracking" and 
"crypting" in the process, said a member of a new anti-cracking unit at 
Cambridge Technology Partners (CTP), during CTP's "New Hack Tour." 

[The term for a phone hacker is "phreak", and their art is known
 as "phreaking".]

   Really, "cracker" -- rather than "hacker" -- is the word to use in 
describing individuals who break into networks, said Wyly Wade of CTP's 
Enterprise Security Systems Group, during a meeting with Newsbytes at  the
CTP-sponsored conference. "Hacker" actually refers to anyone who  writes
program code, even an end user who scripts Microsoft Word  macros, Wade
told Newsbytes. 
   Emerging derivatives of the term "cracker" include "fracker," meaning  a
person who breaks into phone networks, and "crypter," a specialist in 
cracking cryptographic algorithms, Wade added. 

[The correct term is "cypherpunk", not "crypter".]

   The earliest crackers engaged in the practice for "humanitarian" 
reasons, such as the desire to help companies build better products, 
according to Wade. The humanitarians were the joined by those who  cracked
networks to "further the free exchange of information." 
   Later on came groups like the PLO, which breaks into networks "purely 
for profit;" and finally, people whose motives are entirely malicious. 
   Many of the newest breed of crackers are kids who are unaware of 
cracking's roots, said Wade, one of eight members of a new anti-  cracking
Internet security team at CTP. 
   CTP, a systems integration and software development specialist based  in
Cambridge, Massachusetts, formed the new group, known as "Core," in 
response to customer requests. CTP takes a "partnering" stance with its 
customers, meeting whatever IT (information technology) requirements  need
to be addressed, Wade maintained. 
   With Internet security a rising concern among customers, the new  "Core"
group stays about a year ahead of the industry at large in  keeping on top
of new security threats, Newsbytes was told. 
   The job is challenging, because new "incursions," or security holes, 
keep showing up every day, according to Wade. 
   A few of the more popular methods of cracking being discussed at this 
week's conference include the FTP (file transfer protocol) bounce  attack,
protocol tunneling, and tactics such as SYN flooding, which  result in
"denial of service." 

[The article says cracking is breaking into networks, but turns
 around and talks about the FTP bounce attack and SYN flooding. Neither are
 active attacks to BREAK IN to a network.]

   In the FTP bounce attack, crackers manipulate FTP PASV mode, using  PORT
and QUOTE to send scripts that allow them to gain access to  unauthorized
FTP servers, speakers said during conference sessions.  Protocol tunneling
calls for encapsulating, or hiding, one protocol  inside of another, such
as a telnet inside a ping request. 

[The FTP bounce attack is designed to bypass access restrictions
 based on rulesets or ACLs.]
   Many tactics can be used to bring denial of service, including SYN 
flooding, ghost routing, and service loops, for instance. In this type  of
attack, users typically do not even realize a server has been hit,  instead
believing that the server must be busy, or down for  maintenance, for
   Wade pointed out that new viruses continue to fester, as well.  Viruses
are already showing up in the 32-bit environment, although some  people
said this would never happen. And these perennials of cyberspace  are
certain to land on new 64-bit platforms, as well, Wade predicted. 
   Cambridge Technology Partners is located at http://www.ctp.com on the 
World Wide Web. 


[Only a few gripes with this article. :)

 Firstly, I believe the commonly accepted term for a "phone hacker" was a
 phreak, not as this article suggests, a "fracker".

 Secondly, I believe the term "cypherpunk" is the accepted description for
 someone who is a "specialist in cracking cryptographic algorithms",
 though that might be smearing the term somewhat.

 Sounds like they're trying to whip up some new buzzwords. :)  -Nick]