Cyberspace Seen as Potential Battleground
"While bin Laden may have his finger on the trigger," he added, "his grandson might have his finger on the mouse."

Security experts who monitor attempts at computer intrusion say that other new tools and tricks are coming into use in that arena as well. In recent weeks, computer security experts have come to believe that malicious hackers have developed tools to take over computers using the Unix operating system through a vulnerability in a nearly ubiquitous computer communications protocol known as SSH.

Those experts say that they find the SSH flaw especially worrisome because it could provide a hacker who successfully attacks it unrestricted access to a computer. An intruder could gain access to machines linked to the compromised computer, could destroy all of the data on the machine or could use it to carry out denial of service attacks. "It's pretty nasty," said Dan Ingevaldson, a security researcher at ISS, a major vendor of security software and service.

The weakness in SSH has been identified since early this year, and many system administrators have fixed the problem with patches, but until recently the theoretical vulnerability had not been subjected to actual attack. Recently, however, security experts have noticed a sharp increase in probes by outsiders of a specific spot in their network known as Port 22 — the part of the system that SSH uses — presumably to see which machines are still open to attack. "They wouldn't be doing the scanning if it wasn't paying off for them," said Kevin L. Poulsen, editorial director of a SecurityFocus, a company that provides computer security information.
http://www.nytimes.com/2001/11/23/technology/23CYBE.html?todaysheadlines&pagewanted=all