Blaster Worm Fails to Penetrate TippingPoint's Customer Networks.Business Editors/High-Tech Writers AUSTIN, Texas--(BUSINESS WIRE)--Aug. 13, 2003 UnityOne Utilizes Virtual Software Patch(tm) (VSP VSP - Very Simple Prolog+. ) Technology to Preemptively Stop Blaster, also known as LovSan TippingPoint Technologies Inc. (Nasdaq:TPTI TPTI Third Party Turn In ), the leaders in high-speed intrusion prevention See IPS and IDS. , today announced that its network-based UnityOne(tm) Intrusion Prevention Systems and Appliances have shielded customers from the Blaster worm, a worm using the critical Microsoft Remote Procedure Call (RPC (Remote Procedure Call) A programming interface that allows one program to use the services of another program in a remote machine. The calling program sends a message and data to the remote program, which is executed, and results are passed back to the calling ) vulnerability to take over a host. The Blaster worm, also known as MSBlast and LovSan, is scheduled to execute a Denial of Service A condition in which a system can no longer respond to normal requests. See denial of service attack. (DoS) attack Saturday on Microsoft's patch site, www.windowsupdate.com, with remotely controlled, infected hosts. "The UnityOne was effective at blocking the Blaster worm," said Mike Phillips Mike Phillips may refer to
TippingPoint delivered an inoculation inoculation, in medicine, introduction of a preparation into the tissues or fluids of the body for the purpose of preventing or curing certain diseases. The preparation is usually a weakened culture of the agent causing the disease, as in vaccination against for this type of attack to customers eight days before the exploit existed (see related announcement released July 31, "TippingPoint Protects Critical Microsoft Vulnerability," http://www.tippingpoint.com/news_events/). The inoculation is based on TippingPoint's Virtual Software Patch (VSP) technology. "Our VSP technology allows us to examine a software vulnerability and then build an inoculation that looks for anomalous network-based application behavior," said TippingPoint's Chief Technology Officer Marc Willebeek-LeMair. "We do this in a matter of hours from the time a vulnerability is published. It takes our customers about 30 seconds to inoculate in·oc·u·late v. 1. To introduce a serum, a vaccine, or an antigenic substance into the body of a person or an animal, especially as a means to produce or boost immunity to a specific disease. 2. tens of thousands of hosts. One customer estimated that it would otherwise take them 10 man-years to patch all of their hosts." "It is also interesting that the attack targets Microsoft's site where patches are supplied," said Willebeek-LeMair. "The act intentionally highlights today's problem with organizations relying on patching. Administrators no longer have the financial or human resources The fancy word for "people." The human resources department within an organization, years ago known as the "personnel department," manages the administrative aspects of the employees. to patch all of their systems." "The UnityOne is protecting our mission critical servers from worms and other cyber (1) From "cybernetics," it is a prefix attached to everyday words to add a computer, electronic or online connotation. The term is similar to "virtual," but the latter is used more frequently. See virtual. threats," said Thomas Danford, the University of Dayton's Associate Provost and Chief Information Officer. "We have over 7,000 student-owned, Windows-based workstations on the university network. Patching all of the hosts is not possible. This is the second time the UnityOne has protected us from a major worm. In addition to shielding us from Blaster, we were also protected from Slammer A worm that caused a billion dollars worth of damage on the Internet on January 25, 2003. Slammer infected computers all over the Internet by generating random IP addresses and causing the computer's buffer to overflow with its own instructions that replicate itself and start the process ." According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. some sources, the Microsoft patch may not be able to protect all systems. TippingPoint's UnityOne Intrusion Prevention Appliances and Systems are the only devices capable of protecting organizations from the current worm or any other attack that attempts to exploit this RPC vulnerability. TippingPoint's UnityOne provides a centralized cen·tral·ize v. cen·tral·ized, cen·tral·iz·ing, cen·tral·iz·es v.tr. 1. To draw into or toward a center; consolidate. 2. point of protection in the network that is constantly updated with the latest vulnerability filters through a Digital Vaccine(tm) service. The UnityOne protects unpatched systems from known and unknown exploits, providing immediate return on investment. "Once all is said and done, the Blaster worm will most likely be the costliest exploit to date," said Willebeek-LeMair. "Given the speed with which new vulnerabilities are discovered coupled with the possibility of even more severe payloads, the unfortunate reality is that we can only expect things to get worse before they get better." TippingPoint ranks and prioritizes the newest vulnerabilities for the SANS Critical Vulnerability Analysis In information operations, a systematic examination of an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such newsletter on a weekly basis. The information is also used internally to create security filters that protect customers against the latest vulnerabilities. The Microsoft RPC exploit affects any computer utilizing Microsoft Windows See Windows. (operating system) Microsoft Windows - Microsoft's proprietary window system and user interface software released in 1985 to run on top of MS-DOS. Widely criticised for being too slow (hence "Windoze", "Microsloth Windows") on the machines available then. NT 4.0, Microsoft Windows 2000, Microsoft Windows XP, and Microsoft Windows Server 2003. TippingPoint's ASIC-based UnityOne Intrusion Prevention Systems and Appliances utilize vulnerability-based security filters and perform total packet inspection on Layer 2 through Layer 7 to proactively block malicious traffic. With the Digital Vaccine service, attack blocking is instant and automated. TippingPoint's UnityOne detects and blocks worms, viruses, Trojan horses It may never be fully completed or, depending on its its nature, it may be that it can never be completed. However, new and revised entries in the list are always welcome.
To obtain the immediate protection against the latest cyber threats, please contact 1-866-681-TECH (8324) or e-mail prodinfo@tippingpoint.com. About TippingPoint Technologies TippingPoint Technologies is the leading provider of network-based intrusion prevention systems that deliver in-depth protection and attack eradication for corporate enterprises, government agencies, service providers and academic institutions. This innovative approach offers customers an effective network-based security solution with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-88UNITYONE. TippingPoint Technologies, the TippingPoint logo, UnityOne, the UnityOne logo and Digital Vaccine are registered trademarks of TippingPoint Technologies Inc. TippingPoint Forward-looking Statements This announcement contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. These forward-looking statements are subject to significant risks and uncertainties. Although TippingPoint believes that the expectations reflected in its forward-looking statements are reasonable, TippingPoint can give no assurance that such expectations or any of its forward-looking statements will prove to be correct, and future results may differ from those discussed in this press release. Important information regarding the factors that may affect TippingPoint's future performance is included in its public reports that it files with the Securities and Exchange Commission. TippingPoint disclaims any intention or obligation to revise any forward-looking statements whether as a result of new information, future event, change in expectations, conditions or circumstances, or otherwise. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date hereof. The inclusion of any statement in this release does not constitute an admission by TippingPoint or any other person that the events or circumstances described in such statement are material. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion