>Huge volume of outgoing Internet traffic, amounting to over 5 Gigabytes per hour, was recorded between 28 September and 5 October 1999, resulting in slow Internet responsiveness during the period and the University was subject to a charge for jeopardising the shared HARNET Internet link.

>Four SUN workstations were identified having contributed to such traffic. These workstations are believed to have been compromised by an unknown hacker and used for launching attacks against some Internet sites. Presumably these were some sort of denial-of-service attacks in which the remote systems (victims) were bombarded with heavy incoming traffic in order to cripple or bring down their services. Even though the four SUN workstations were also victims (for being hijacked) themselves in this case, they are nevertheless legally liable for any damage (such as losses in bandwidth, cpu, data, service, business, etc.) caused to the remote systems.

>The number of systems on the CTNET-II having been compromised by the same hacker or other hackers might not be limited to the above-mentioned four SUN workstations. Whoever in possession of any Unix system or Windows-based servers (Windows PC providing services) are strongly advised to check their own systems for security loopholes. Please take note of the following points when doing so:

>Further recommendations can be found in our published “General Security Guidelines for Administering UNIX Systems” at http://www.ncm2.xyz/csc/stafflan/csc3-security-guidline.htm.