If there is anyone that should know about denial-of-service attacks, it would be Network Associates Inc.. The security technology company was hit by one in late January, bringing parts of its site to a screeching halt.
Whether its out of irony or vindication, NAIs antivirus unit McAfee.com has launched a preliminary assault on DoS attacks that it hopes will illustrate its leadership as a security powerhouse. McAfees detractors arent so sure it can fulfill that promise.
"In the end, something might come out of this, but in the short term, Im a little skeptical," said Parag Pruthi, CEO of security firm Niksun. "This only works for them in the short term for publicity."
McAfees approach to fighting DoS attacks was to partner last week with several industry leaders in DoS prevention: Arbor Networks, Asta Networks and Mazu Networks. The competition between those three, as well as Captus Networks and Pruthis Niksun, has been fierce so far because the market is new and no one has taken a clear lead yet.
McAfee representatives hope that through collaboration and research McAfees customers will be able to download some kind of software that defends them against DoS attacks.
"Our thought process behind this was that while we have great researchers, we looked to see if there were other resources we could tap to gain more knowledge into this fight on denial-of-service attacks," said Vincent Gullotto, senior director of McAfees research unit.
Its this notion of collaboration, research and feel-good politics that Pruthi is pessimistic about. He feels a research system dependent on three companies that compete with each other will produce very few results.
"You cant share your intellectual property with someone else," Pruthi said. "Youre walking on pins and needles all the time, and it becomes a rather difficult situation for the members involved."
Pruthi would know. Early last year, Niksun joined the Alliance for Internet Security, a research group whose members consist of security companies and whose mission is to fight distributed network attacks such as DoS. The AIS is run by ICSA Labs, an independent organization that is now a division of TruSecure.
The alliance was formed in the wake of well-publicized DoS attacks such as the ones on eBay and Yahoo!. Since then, Pruthi said, nothing has really been accomplished.
"We raised awareness and people understood the problems, but did the collaborations happen in a way I would expect them to happen? No," Pruthi said. "I was disappointed because real results were never made available to customers."
Pruthi said that if this was the end result of an independent organization, he holds little faith in McAfees new partners and their abilities to collaborate effectively.
But no one is making any bold statements about how this new coalition will work, said Ted Julian, Arbors chief strategist and co-founder. He said that there is a strong intent for all companies involved to work together, but how closely has yet to be defined.
Julian admitted that research collaboration could be an issue, but no one has defined how closely these companies need to work together. "We are early in the stage of this thing, and it was appropriate that none of us made bold claims," he said.
However, McAfee claimed that this collaboration would produce a "new solution that will not only identify when networks are under attack, but also whether systems are unknowingly participating in attacks against other sites."
As for those claims by McAfee, Julian said: "I think it was clear who was in the drivers seat on this release."