SWAT team targets hackers 
By Tim Clark
July 3, 1997, 5:45 a.m. PT 

                Enterprise security firm Axent Technologies
                (AXNT) next week will unveil a public Web site
                designed to help security professionals thwart
                attacks from hackers. 

                Advisories from groups like CERT, the Computer
                Emergency Response Team, don't go far enough,
                said Rob Clyde. The Axent vice president formed
                the Axent InfoSecurity SWAT team. 

                "Customers and we ourselves were frustrated
                because you can't get anything specific about what
                the problem is. They wouldn't want to tell details on
                how to reproduce the attack because then the bad
                guys would get it," Clyde said. 

                But Axent figures the bad guys already know how
                to mount attacks, based on the hundreds of hacker
                sites on the Net, so it will open its site to all comers.

                "We find customers saying, 'Tell us what the
                problem is so we can tell what to do with it. If we
                can't see the attack, how do we know the fix will
                work?'" Clyde said. "We aren't trying to create a
                market that's not there. They're already aware
                there's an issue, and they're struggling with what
                they should do." 

                The SWAT team is something of a misnomer
                because it's just five researchers, not a poice squad
                out to catch malicious crackers. SWAT's charter:
                Reproduce and anticipate attacks, then look for
                ways to prevent and detect them before serious
                damage is done. 

                "Attacks are often described long before they are
                ever launched--the Ping of Death denial-of-service
                attack, for example," Clyde said. The SWAT site,
                which currently exists as a private site for Axent
                employees and customers, will describe
                countermeasures as well as attacks. It opens on the
                Net July 10. 

                SWAT, Clyde admits, is not driven by altruism; the
                company hopes to earn marketing points for its
                efforts. But the company does the same research
                for its security products and consulting practice, so
                the public site will generate little extra work. 

                "The problem isn't the bad guys going out and
                getting this information. If you've got the time, it's
                there," he added. "The good guys don't have the
                time."