Novell’s stumped over hack

Opinion
Oct 3, 20052 mins

Here’s a question for you: What would cause a Novell-owned server to ping servers around the globe for port 22 vulnerabilities (port 22 being the default port for SSH services used to remotely log in and execute commands)? Over the weekend, Novell’s security team scoured the offending server, which was on an external network outside of Novell’s firewalls being used as a test server. So far, the security team hasn’t found any sign that the box had been hacked, according to Kevan Barney, Novell’s PR manager. Yet the box, with a Novell IP address of 012.110.017.142 began pinging servers on September 21 according to reports at MyNetWatchman and DShield.org. The problem could be any number of undetectable things, Barney tells me this morning. Like, maybe the IP address was hijacked. Or, maybe as I suggested to him on Friday, a super stealth rootkit had been installed that covers the hackers tracks. Or, maybe, I’m thinking, the owner administrator of that server was doing a little recon on his own, then erased his tracks when things got too hot. The tale unfolds in two Computerworld stories. But the bigger question, I ask Barney, is around quality control. When you have test and production servers outside of the security department’s supervision, how do you ensure those servers aren’t doing something to tarnish your company’s reputation? “That’s a good question and maybe one we should look into,” answered Barney. So look into it, then, and get back to me with any advice you can offer. Because if it’s happening to Novell, which markets itself as a security-focused company, then I’m sure it’s happening to other brand-name organizations as well.

deb_radcliff

Deb Radcliff is an investigative journalist and analyst focused on computer crime and security. Her work has appeared on Security Boulevard, the SANS Cyber Security Blog, and SC Media, among other outlets. She stood up an analyst program for SANS Institute and ran it for 15 years before joining the Cyber Risk Alliance as strategic analyst on the business intelligence unit. She is author of the popular cyber thriller series, “Breaking Backbones,” available at Amazon.

Deb won two Neal Awards for investigative business reporting. She holds a Bachelor’s degree in journalism from San Jose State University.

More from this author