To prevent cyber attack software from capturing vulnerable servers, scientists have developed a free defense software that can inhibit the identification of systems by such programmes. “TCP Stealth is a free software that requires particular system and computer expertise, for example, use of the GNU/Linux operating system. In order to make broader usage possible in the future, the software will need further development,” said scientists from the Technische Universitat Munchen (TUM) in Germany. Port scanners are programmes that search the internet for systems that exhibit potential vulnerabilities. According to a report published in Heise Online, Hacienda is one such port scanning programme.
The report says that this programme is being put into service by the “Five Eyes” – a federation of the secret services of the USA, Canada, the UK, Australia and New Zealand. “The goal is to identify as many servers as possible in other countries that can be remotely controlled,” explained Christian Grothoff, the research group leader at the TUM’s chair for network architectures and services. The free software is based on the following concept: There exists a number that is only known to the client computer and the server. On the basis of this number, a secret token is generated, which is transmitted while building the initial connection with the server.
If the token is incorrect, the system simply does not answer and the service appears to be dead. “While similar defensive measures are already known, the protection capabilities of the new software are higher than that of extant techniques,” Grothoff added. A verification code is also sent while building the initial connection. The server can then use this to detect whether or not it has received the correct data, the study concluded.