Security experts scramble to stop new hacking tool

New tool could prove a "Sticky" problem for computer security professionals

Computer security specialists have warned of a new hacking tool that could be used to break down the defences protecting many computer networks.

The hacking tool, dubbed "Stick" by its creators, is engineered to attack Intrusion Detection Systems (IDS), which provide early warning of attacks or security breaches on a network.

Stick is capable of overloading an IDS defence mechanism with fake security probes and in extreme cases may cause the IDS to fail altogether, according to security firm Internet Security Systems (ISS).

"It is definitely a threat," says principal consultant for ISS, Gunter Ollmann. "It could be used to mask an attack. This is a popular method."

However, the threat of this technique is limited, says Ollmann, by the fact that an attacker needs significant bandwidth to launch an attack. The processing power available to the computer running the IDS will also affect the impact of an attack.

Take me to Hackers

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read what others have said.