Stumbler mapping networks for future attacks

Thursday, 26 June 2003, 2:28 PM EST

The recently discovered Stumbler network-mapping tool represents a variety of malware that leaves enterprises with little in the way of defense, other than to lock down networks and employ intrusion detection, experts said.

At first, some researchers considered Stumbler a Trojan horse program, but Neel Mehta, a research engineer with Atlanta-based Internet Security Systems Inc.'s X-Force research team, isn't so sure. "It's hard to characterize," he said, noting that Stumbler doesn't enable unauthorized access like a Trojan does.

Stumbler doesn't fit cleanly into a line of the malware family tree. It can be best described as a distributed network-mapping program, Mehta said. It uses a TCP SYN probe with a window size of 55808 to explore networks. Stumbler spoofs its source IP address to cloak where the probe originated.

Stumbler's job is to probe networks for open ports on hosts and firewalls. This information can then be used by the author to attack vulnerable systems. Its reconnaissance scanning is done randomly; it's not targeted at specific companies or sectors, Mehta said.

[ Read more ]


51% of consumers share passwords

Posted on 20 August 2014.  |  The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Thu, Aug 21st