Trilight Zone Forum Index Trilight Zone
Privacy & Anonymity is our speciality !
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Survey: DoS attacks, bots top security threats

 
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security
Author Message
tricore
Guest
PostPosted: Mon Dec 18, 2006 5:45 am    Post subject: Survey: DoS attacks, bots top security threats Reply with quote
Arbor Networks plans to release a report Tuesday confirming what many in IT security already know: denial of service is still a very popular means to disrupt networks.

In its second annual Worldwide Infrastructure Security Report, Arbor surveyed 55 network operators, including ISPs, network providers at universities and even some large enterprise networks. DoS attacks at 46% and bots at 31% pose the most significant operational threats, according to survey respondents. Worms, compromised infrastructure, DNS and Border Gateway Protocol route hijacking were also mentioned, but only 4% to 7% said these posed significant threats.

While DoS isn't new, the size of the attacks are, says Danny McPherson, chief research officer at Arbor.

Of the 55 respondents, 35 claim to have seen attacks of 1Gbit/sec. or higher. Ten of the 35 reported DoS attacks larger than 10Gbit/sec., while nine say the attacks were between 4Gbit/sec. and 10Gbit/sec.

The size of the attacks are a new concern, because some of these could take down a large ISP's backbone or at least specific routes on a service provider's network, McPherson says.

The majority of network operators are using access-control lists and destination-based BGP blackhole routing as the two primary methods of mitigating attacks. When asked about the challenges in using IP-sourced address techniques, respondents said the lack of infrastructure and the inability to authenticate the IP source of an attack were obstacles.

In many cases, network operators defer to their customers as to whether they report an attack to law enforcement authorities, the survey found.

Arbor says that only 1.5% of all actionable attacks are reported to law enforcement, largely because companies want to avoid negative press coverage. Other reasons included lack of forensic detail and the fact that there are too many attacks to bother with reporting them to the police or FBI (Some 38 percent of respondents believe law enforcement doesn't have the power or means to act upon information.).

The report found that frequency of attacks has not changed much since 2005.

Separately, Arbor announced the latest version of its Peakflow SP anti-DOS software suite that allows carriers to detect and mitigate attacks. Version 3.5 includes a Threat Management System that offers more granular DNS information and a scrubber to better help mitigate attacks, says Rakesh Shah, a senior product manager.

Peakflow SP 3.5 is available, but Arbor was not able to provide any names of service-provider customers at press time.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security All times are GMT
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group