IT Security Guru

Industry should come together to defend against DDoS – comments

by The Gurus
April 1, 2015
in Editor's News

The online community needs to develop industry-based mitigation technologies that incorporate mechanisms to distribute attack source information into ISPs, so they can squelch the attacks closer to the source.
 
As part of a survey released yesterday, Rodney Joffe, senior vice president and technology fellow at Neustar, said that the industry needs to improve visibility and understanding of activities in the criminal underground, so their command and control structures can be disabled rapidly.
 
In an email to IT Security Guru, 44CON co-founder Steve Lord said that the problem is that those participating in the DDoS are usually unwitting victims themselves. He said: “While there’s scope for an open source threat intelligence project, is handing out lists of compromised victims the best idea, or will it be treated like a loser list for criminals?”
 
Asked why ISPs do not develop solutions to “squelch the attacks closer to the source”, Lord said that it is simply not the job of the ISP to do that. “Take the recent man in the side attack on GitHub; if an ISP finds the victim do they block access to GitHub? Do they disconnect the user? In this case user systems were not even compromised, it was simply that code was injected into browser sessions. Should ISPs shut down business connectivity because someone had browser content injected into a page they visited? Who’ll pay for it?”
 
Dave Larson, CTO of Corero, agreed, saying that an attacker who has spoofed an IP address in order to effect the attack is virtually untraceable, and the ‘attacking’ machines may be vital to the operation of the network.
 
He said: “In large reflected or amplified DDoS attacks, the ‘attacking’ machines may be distributed across a wide geographic area – perhaps even globally – so distributing the solution closer to the source would be advantageous in that it would address the problem before the cascade had opportunity to aggregate into an attack of truly large proportions. The difficulty in this approach lies with the difficulty in distributing a solution across geographic distance and beyond ISP control frameworks – hence the need for open DDoS threat signaling.”
 
Asked if industry could work together to develop solutions that are for the benefit of the industry, rather than just for profit, Lord pointed to offerings from Team Cymru, while Larson said that the industry would benefit from cooperation among security technology vendors.
 
“But this problem could benefit by an even more inclusive approach – incorporating perspectives from operators (carriers, service providers, cloud hosters, etc.) as well as application developers,” Larson said.
 
“In the world of DDoS, it is nearly impossible to treat the problem as one where we can squelch the attack as close to the source as possible, as Neustar implies. This is because a significant fraction of overall DDoS traffic (maybe even a majority) is reflected or amplified DDoS, which is created by spoofing legitimate servers and services to respond in unison to an unwitting victim. Blacklisting these entities would be problematic – in the case of DNS servers, it would be unthinkable. But the basic premise, that the industry should combine forces against this problem is sound. In fact, the beginnings of that are already occurring.”
