650-Member Alliance for Internet Security Unveils Tool to Detect Network Vulnerability.
RESTON, Va.--(BUSINESS WIRE)--March 23, 2000
ICSA.net's "NetLitmus" is the critical first step in solving
Internet security issues
The Alliance for Internet Security today unveiled a new tool which will determine if corporate networks are vulnerable to participating in cyber attacks.
This allows computer network administrators to take corrective action before their systems are used as part of a Distributed Denial of Service (DDoS) attacks. The tool, called NetLitmus, will be made available at no cost to anyone who joins the Alliance.
"NetLitmus is the first tool of its kind and a critical first step in solving some of the most pressing security issues today," said Peter Tippett, chairman of the Alliance for Internet Security. "While the solution to Distributed Internet attacks may be a long way off, the introduction of this detection tool is a sign that progress is being made."
Developed by ICSA.net, the company that spearheaded the creation of the Alliance for Internet Security, NetLitmus searches web sites to determine if appropriate filters (i.e. routers and firewalls) are in place and are properly configured to prevent a system from being a part of a DDoS attack.
Currently, there is no technology available to fundamentally protect Internet-connected systems from DDoS attacks, but there are steps that can be taken by companies, government agencies and universities to ensure that their systems cannot be used as "slaves" in a DDoS assault.
By reconfiguring routers and firewalls to implement appropriate filtering technologies - organizations can prevent their systems from being used to attack another institution's computers.
Similarly, ISPs can configure customer-facing routers to resist passing such attacks. Network administrators need a way to check the current state of such filtering on their computer systems and their ISP's network. Once such filters are configured, both ISP technicians and network administrators need to know if they actually work. NetLitmus will make that determination in less than 15 minutes.
Early testing with this tool shows that the majority of companies do not have meaningful filtering in place. Less than 15% of the initial corporate users of the tool had appropriate filtering. Similarly, less than half of the corporation's ISPs had functional filtering for spoofed or fake addresses.
"These numbers will undoubtedly get much worse as we move from motivated security-conscious network engineers, to the broader audience. Doing such filtering is actually quite easy. It takes perhaps 20 minutes to properly configure a router," said Tippett.
Good information about the problem along with configuration information and links to numerous other resources can be found at the Alliance web site at: http://www.html/communities/ddos/alliance/index.shtml.
Normally, a diagnostic tool like NetLitmus would retail for several hundred dollars. But in an effort to address the DDoS issue quickly and effectively, the tool is being offered free-of-charge to Alliance members.
"NetLitmus is the first solution like this to date. What's important is that it gets into the hands of as many people as possible, as quickly as possible," said Tippett. "That's why we're making it available thorough the Alliance."
The Alliance was formed in February in response to DDoS attacks against Yahoo, eBay and other major Internet sites. Since then, more than 650 Internet service providers, security vendors, major corporations and industry leaders have joined the organization. To become a member of the Alliance, organizations must pledge to adopt security measures that address DDoS attacks.
"It is critical that the Internet community have a way to defend against DDoS raids. This tool gives us an excellent place to start," said Internet security consultant Fred Avolio, of Avolio Consulting, Inc., an Alliance corporate member.
"Not only will NetLitmus detect misconfigured systems in an organization, but will also determine if the organization's ISP is doing its job. This is a very positive development for anyone who is wired to the Internet. It gives us a benchmark against which to work and helps us clean up our immediate environment rather than being an unwitting partner in DDoS attacks."
For more information on the Alliance for Internet Security and NetLitmus, go to www.icsa.net.
ICSA.net is an industry leader in the growth and improvement of Internet security. ICSA.net helps businesses reduce their information security risks, and enables the expansion of Internet technology implementation.
ICSA.net has used its leadership and expertise to support the growth of Internet business and commerce worldwide. ICSA.net offers TruSecure security services as well as multi-vendor, cross-industry product certification programs.