NETWORK WORLD NEWSLETTER: JOHNA TILL JOHNSON ON THE DATA CENTER 11/30/04 Today's focus: Hackers step up DDoS assaults with use of 'zombie armies'
Dear [EMAIL PROTECTED], In this issue: * DDoS attacks and ways to protect against them * Links related to Data Center * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Lucent Align Your IT Resources and Deliver Results Fast IDC reports that Lucent VitalSuite(r) Performance Management Software helps many businesses centrally monitor, manage and deliver advanced services rapidly while generating outstanding financial benefits-an average ROI as high as 719% and 133 day payback. Use the IDC ROI Calculator tool to learn how VitalSuite(r) software can benefit your operations and bottom line too. http://www.fattail.com/redir/redirect.asp?CID=89325 _______________________________________________________________ COMPREHENSIVE ENTERPRISE STORAGE INFORMATION Go to NW Fusion's Research Center for detailed information on enterprise storage. Find the latest breaking news, case studies, white papers, commentary, reviews and more. Topics on how ILM impacts your storage strategy, how to migrate to a new tape drive, how to link SAN islands and more are all found in the Research Center. Click here: http://www.fattail.com/redir/redirect.asp?CID=89265 _______________________________________________________________ Today's focus: Hackers step up DDoS assaults with use of 'zombie armies' By Johna Till Johnson You may have heard about distributed denial-of-service attacks and the harm they can wreak on organizations. You might think you're safe because you're not a clear target like Google, Yahoo, or Microsoft (all of which have suffered severe outages due to distributed DoS attacks), or if you're primarily a "bricks-and-mortar" organization with limited Web presence. You'd be wrong. In recent months, two trends have combined to greatly increase the risk to companies of distributed DoS attacks. The first is that an increasing number of organizations are using the Internet to enable remote workers to connect to corporate resources. The number of remote workers has skyrocketed by 800% in the past five years, according to recent research from Nemertes Research. Many of those users connect to corporate resources via the Internet and distributed DoS attacks could keep these legitimate users from accessing their data center resources. The second trend is the dramatic increase in distributed DoS-based extortion. Hackers have learned that the ability to connect to the Internet has tangible value, and they're starting to use distributed DoS attacks as a way to attempt to force companies to pay up. Carl Landwehr, program director for the National Science Foundation's (NSF) CyberTrust program, points out that in 2004 there has been a notable increase in distributed DoS-for-money attacks: A hacker will launch an attack, then contact the victim and demand money (usually $10,000 to $50,000) to make it stop. While the most common targets for such attacks are online businesses such as casinos, any organization with a Web site is a potential target. As with any denial-of-service attack, distributed DoS attacks work by paralyzing the victim's servers and systems and clogging their network access points with useless traffic. Technically, today's distributed DoS attacks are a step up in sophistication from the old denial-of-service attacks of yore. With distributed DoS, the attacker lines up a network of hacked machines-called "zombies" across the Internet that, upon command, launches an assault on the target. Many times, taking out the "control" machine won't stop the attack - the "zombies" keep on assaulting the victim. Moreover, hackers don't even need to create their own "zombie armies" - other hackers have compiled armies as large as 20,000 machines, and will rent these to other hackers. To protect against distributed DoS attacks, data center managers should look into network-based solutions, particularly services provided by players such as AT&T and Sprint (which recently announced distributed DoS-protection products) and Equinix, which offers Exquinix Direct, an option for providing connectivity via multiple ISPs. Premises-based solutions can be helpful, but only in protecting servers and other on-site resources - they don't protect against network congestion that can take a site offline. (Any solution that drops packets only when they've reached the premises can't address network congestion.) Johna Till Johnson is president and chief research officer at Nemertes Research. Reach her at <mailto:[EMAIL PROTECTED]> RELATED EDITORIAL LINKS DDoS attacks and their protecting against them http://staff.washington.edu/dittrich/misc/ddos/ An example of "zombie armies" in action http://www.theregister.co.uk/2004/08/27/ddos_mafia_busted/ AT&T's DDoS protection http://www.att.com/news/2004/06/01-13096 Sprint's DDoS protection http://www.sprint.com/business/products/products/ipDefender.jsp Equinix's mutihomed Internet service http://www.equinix.com/press/press/2003/04_04_03.htm Sun to boost storage package Network World, 11/29/04 http://www.nwfusion.com/news/2004/112904sun.html _______________________________________________________________ To contact: Johna Till Johnson Johnson is president and chief research officer at Nemertes Research, an independent technology research firm. Reach her at <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by Lucent Align Your IT Resources and Deliver Results Fast IDC reports that Lucent VitalSuite(r) Performance Management Software helps many businesses centrally monitor, manage and deliver advanced services rapidly while generating outstanding financial benefits-an average ROI as high as 719% and 133 day payback. Use the IDC ROI Calculator tool to learn how VitalSuite(r) software can benefit your operations and bottom line too. http://www.fattail.com/redir/redirect.asp?CID=89324 _______________________________________________________________ ARCHIVE LINKS Archive of the Data Center newsletter: http://www.nwfusion.com/newsletters/datacenter/index.html Data Center research center: http://www.nwfusion.com/topics/datacenter.html _______________________________________________________________ FEATURED READER RESOURCE DOWNLOAD INDUSTRY WHITE PAPERS NOW NW Fusion's White Paper Library is your source for the latest industry white papers. Recent additions to the library include white papers on securing remote access, VOIP and productivity, domain name system best practices, WLAN security, IT documentation and much more. Click here to download: <http://www.nwfusion.com/vendorview/whitepapers.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here : http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
