Printer Friendly
The Free Library
22,695,004 articles and books

650-Member Alliance for Internet Security Unveils Tool to Detect Network Vulnerability.

Business Editors/Hi-Tech Writers

RESTON, Va.--(BUSINESS WIRE)--March 23, 2000

ICSA See TruSecure. .net's "NetLitmus" is the critical first step in solving

Internet security ''This article or section is being rewritten at

Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software.
 issues

The Alliance for Internet Security today unveiled a new tool which will determine if corporate networks are vulnerable to participating in cyber (1) From "cybernetics," it is a prefix attached to everyday words to add a computer, electronic or online connotation. The term is similar to "virtual," but the latter is used more frequently. See virtual.  attacks.

This allows computer network administrators to take corrective action A corrective action is a change implemented to address a weakness identified in a management system. Normally corrective actions are instigated in response to a customer complaint, abnormal levels if internal nonconformity, nonconformities identified during an internal audit or  before their systems are used as part of a Distributed Denial of Service A condition in which a system can no longer respond to normal requests. See denial of service attack.  (DDoS) attacks. The tool, called NetLitmus, will be made available at no cost to anyone who joins the Alliance.

"NetLitmus is the first tool of its kind and a critical first step in solving some of the most pressing security issues today," said Peter Tippett, chairman of the Alliance for Internet Security. "While the solution to Distributed Internet attacks may be a long way off, the introduction of this detection tool is a sign that progress is being made."

Developed by ICSA.net, the company that spearheaded the creation of the Alliance for Internet Security, NetLitmus searches web sites to determine if appropriate filters (i.e. routers and firewalls) are in place and are properly configured con·fig·ure  
tr.v. con·fig·ured, con·fig·ur·ing, con·fig·ures
To design, arrange, set up, or shape with a view to specific applications or uses:
 to prevent a system from being a part of a DDoS attack.

Currently, there is no technology available to fundamentally protect Internet-connected systems from DDoS attacks, but there are steps that can be taken by companies, government agencies and universities to ensure that their systems cannot be used as "slaves" in a DDoS assault.

By reconfiguring routers and firewalls to implement appropriate filtering technologies - organizations can prevent their systems from being used to attack another institution's computers.

Similarly, ISPs can configure See configuration.

(software) configure - A program by Richard Stallman to discover properties of the current platform and to set up make to compile and install gcc.

Cygnus configure was a similar system developed by K.
 customer-facing routers to resist passing such attacks. Network administrators need a way to check the current state of such filtering on their computer systems and their ISP's network. Once such filters are configured, both ISP (1) See in-system programmable.

(2) (Internet Service Provider) An organization that provides access to the Internet. Connection to the user is provided via dial-up, ISDN, cable, DSL and T1/T3 lines.
 technicians and network administrators need to know if they actually work. NetLitmus will make that determination in less than 15 minutes.

Early testing with this tool shows that the majority of companies do not have meaningful filtering in place. Less than 15% of the initial corporate users of the tool had appropriate filtering. Similarly, less than half of the corporation's ISPs had functional filtering for spoofed or fake addresses.

"These numbers will undoubtedly get much worse as we move from motivated security-conscious network engineers, to the broader audience. Doing such filtering is actually quite easy. It takes perhaps 20 minutes to properly configure a router router

Portable electric power tool used in carpentry and furniture making that consists of an electric motor, a base, two handle knobs, and bits (cutting tools). A router can cut fancy edges for shelving, grooves for storm windows and weather stripping, circles and ovals
," said Tippett.

Good information about the problem along with configuration information and links to numerous other resources can be found at the Alliance web site at: http://www.html/communities/ddos/alliance/index.shtml.

Normally, a diagnostic tool like NetLitmus would retail for several hundred dollars. But in an effort to address the DDoS issue quickly and effectively, the tool is being offered free-of-charge to Alliance members.

"NetLitmus is the first solution like this to date. What's important is that it gets into the hands of as many people as possible, as quickly as possible," said Tippett. "That's why we're making it available thorough the Alliance."

The Alliance was formed in February in response to DDoS attacks against Yahoo, eBay and other major Internet sites. Since then, more than 650 Internet service providers Internet service provider (ISP)

Company that provides Internet connections and services to individuals and organizations. For a monthly fee, ISPs provide computer users with a connection to their site (see data transmission), as well as a log-in name and password.
, security vendors, major corporations and industry leaders have joined the organization. To become a member of the Alliance, organizations must pledge to adopt security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising"
security
 that address DDoS attacks.

"It is critical that the Internet community have a way to defend against DDoS raids. This tool gives us an excellent place to start," said Internet security consultant Fred Avolio, of Avolio Consulting, Inc., an Alliance corporate member.

"Not only will NetLitmus detect misconfigured systems in an organization, but will also determine if the organization's ISP is doing its job. This is a very positive development for anyone who is wired to the Internet. It gives us a benchmark against which to work and helps us clean up our immediate environment rather than being an unwitting partner in DDoS attacks."

For more information on the Alliance for Internet Security and NetLitmus, go to www.icsa.net.

About ICSA.net

ICSA.net is an industry leader in the growth and improvement of Internet security. ICSA.net helps businesses reduce their information security risks, and enables the expansion of Internet technology implementation.

ICSA.net has used its leadership and expertise to support the growth of Internet business and commerce worldwide. ICSA.net offers TruSecure security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the  as well as multi-vendor, cross-industry product certification Product certification or product qualification is the process of certifying that a certain product has passed performance and/or quality assurance tests or qualification requirements stipulated in regulations such as a building code and nationally accredited test standards,  programs.
COPYRIGHT 2000 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2000, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Publication:Business Wire
Date:Mar 23, 2000
Words:750
Previous Article:STATE COURT DISMISSES WITH PREJUDICE COMPLAINT AGAINST FREEPORT-McMoRan COPPER & GOLD INC.; Dismissal of Similar Case Against FCX in Federal Court...
Next Article:Co-Op Blue Square Cooperative Society to Take Steps to Convert From a Cooperative Society Into a Public Company.



Related Articles
Internet Security Systems provides protection against security vulnerability in Microsoft Internet Explorer.
Internet Security Systems To Showcase First Windows NT, Real-Time Network Attack Recognition and Response Tool At Networld + Interop Las Vegas.
Harris Corporation Provides Small Offices and Individual Users With Security Scanning Tool Originally Developed for Federal Government.
First Tool to Find and Patch All Security Holes on a Single Machine - STAT Scanner Released by Software Shelf at Microsoft Sponsored Tech Ed.
LANguard Network Scanner upgraded. (Network Products).
Check Point Enhances SmartDefense Technology With Greater Protection Against Denial of Service -DoS- Attacks.
Network security scanner now commercial. (Security News and Products).
Catbird Networks Introduces the World's First Intelligent Vulnerability Monitoring Service.
Vulnerability management technology: a powerful alternative to attack management for networks. (Storage Networking).
Citadel Security Software and Internet Security Systems Close the Loop on Vulnerabilities.

Terms of use | Copyright © 2014 Farlex, Inc. | Feedback | For webmasters