ARN

Kevin Mitnick seeks refuge from hackers

Mitnick's site "is getting 20 times more attack traffic every day" than others

Kevin Mitnick, the ex-hacker turned security consultant, is such a high-profile target himself that the Web-hosting firm he was using finally told him it wouldn't host Web pages for him anymore.

"They kicked me off," Mitnick says, noting he doesn't begrudge Hostedhere.net, which he used for five years. But after a number of break-ins that targeted the former hacker, "they decided it wasn't cost-effective to keep me around," Mitnick says, adding, "I'm a target," mostly for those who want to play "king of the hill" by hacking someone once known as a notorious hacker.

Reports surfaced during last week's Black Hat conference that Mitnick and other security experts had their Web sites hacked.

But Mitnick hasn't been left Webless. FireHost has stepped in to offer Mitnick a refuge for the basic advertising he does online for his consultancy, Mitnick Security Consulting LLC.

10 of the worst moments in network security historyFireHost provides hosting that uses what CEO Chris Drake claims are better defense measures -- provided to all its customers -- han might be found at the typical Web-hosting firm.

FireHost makes use of the Imperva application firewall to defend against SQL injection, cross-site scripting and other application-layer attacks. The firm also makes use of home-grown Snort-based tools and Top Layer's security device to mitigate against denial-of-service attacks, intrusion-prevention and to scan for possible infected Web pages.

After just a week, it's evident that Mitnick's site "is getting 20 times more attack traffic every day" than others, Drake says. He adds that the simpler type of brochure-like Web site Mitnick favors is usually harder to hack than more complex sites.

Drake says FireHost's technical personnel dedicate substantial time to making sure security controls are properly set up for new customers to avoid false positives. He acknowledges, however, that FireHost is giving Mitnick even a little more attention to make sure publicity-crazy hackers don't exploit him or harm FireHost's reputation.

FireHost's Web-hosting service typically starts at $100 month with supporting security services but Mitnick, a sort of celebrity, is getting his modest Web-hosting done for free.

Mitnick says he has been inclined over the years not to keep any kind of important documents on a Web site since he has been such a target, and when it comes to e-mail, currently he's satisfied with Google gmail.