Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Networking

    Hardware Is Only Part of the Solution

    By
    Cameron Sturdevant
    -
    April 8, 2002
    Share
    Facebook
    Twitter
    Linkedin

      A denial-of-service attack can cripple a network, even if access isnt gained, and a single distributed-denial-of-service onslaught can disable a multitude of systems. Products including Top Layer Networks Inc.s Attack Mitigator Version 1.0 can help a lot, as can firewalls, operating system patches, additional servers and working with ISPs to choke off DoS traffic further upstream. (Go to www.eweek.com/links for eWeek Labs March 25 Special Report on security.)

      Although some DoS attacks use only small amounts of carefully crafted packets to jam servers, routers and firewalls, many—especially the DDoS variety—consume all available bandwidth between the ISP and the target site.

      IT staffers from a variety of disciplines must work together to stop future DoS attacks and take the necessary steps to unclog network pipes.

      IT staff should begin a conversation with their organizations ISP. Its best to do this before the heat of a DoS attack is melting the network. Make a list of the names and phone numbers of people at the ISP network operations center, and keep it on a grab sheet in your central IT area.

      Its also worth taking a look at RFC 2267 “Network Ingress Filtering” by Paul Ferguson and Daniel Senie (accessible from www.eweek.com/links). This document has an excellent discussion of a Syn attack and how ingress filtering on various devices can alleviate the problem. It also describes some of the techniques used by packet-filtering products to stop attacks.

      The 80s are Over

      Limiting connections or even eliminating some kinds of TCP/IP traffic through filters on edge routers is another good way to minimize exposure to DoS attacks. For example, most firewalls limit ICMP (Internet Control Message Protocol) messages. In the early 1980s, ping and other ICMP messages were necessary to control transmissions because bandwidth was extremely limited, and routing devices capabilities were rudimentary.

      But these days, ICMP is almost like a public back door into the network. Other than initial trouble-shooting, there is almost no reason why a ping should be allowed to cross the network border. An inbound ICMP echo reply is surely a sign that mischief is afoot.

      To prevent directed broadcast attacks, network managers and system administrators should work together to apply patches to every device that can take one. For example, routers and Layer 3 switches often have some ability to determine if rudimentary broadcast-based attacks have been launched. At the very least, many of these devices and server operating systems can be configured not to respond to broadcast network messages.

      Service packs are available for most versions of Windows and Unix that prevent fragmented packet attacks including teardrop, boink.c and syndrop.c.

      Senior Analyst Cameron Sturdevant is at cameron_sturdevant@ziffdavis.com.

      Cameron Sturdevant
      Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at cameron.sturdevant@quinstreet.com.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×