Page Two

By Dennis Fisher  |  Posted 2003-03-31 Print this article Print

Unleashing an attack on a single target—especially one such as a small government agency or enterprise—from a network of that size would be devastating. Even the most well-prepared and vigilant security staff would be overwhelmed by that level of malicious traffic.

To help ISPs and telephone companies defend against these attacks, Arbor Networks last week introduced a new version of its Peakflow anti-DDoS software. Peakflow SP integrates many of the techniques that security staffs have developed over the years in fighting DDoS attacks. Among the new features is support for both black-hole routing and sinkhole routing, two common defensive techniques.

Black-hole routing allows the administrator to take all malicious traffic and route it to a null IP address or drop it. Sinkhole routing is similar, except that the traffic is sent to an IP address where it can be examined. Both techniques are often used by administrators at the enterprise level. But theyre far more effective when the ISPs employ them, as this prevents the malicious traffic from reaching the customers network.

Most, if not all, ISPs have some level of DDoS traffic crossing their networks virtually all the time. And while this costs them money in terms of bandwidth and annoys customers, many filtering and routing defenses catch legitimate traffic as well. This puts the service providers in a tight spot.

"Its not that the service providers are a bunch of idiots. Its that theyre saddled with this network and a bunch of issues that are directly in conflict with their customers interests," said Ted Julian, chief strategist at Arbor Networks, based in Waltham, Mass.

But in the end, curtailing or halting DDoS attacks will take a coordinated effort from end users up through the service providers, the security institutes Bakos said.

Most Recent Security Stories:
Search for more stories by Dennis Fisher.
Find white papers on security.
For more security news, check out Ziff Davis Medias Security Supersite.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel