- BlackBerry Storm vs. the iPhone
- 2008 IT industry graveyard
- Top 10 worst uses for Windows
- Economic crisis means double duty for IT pros
- BlackBerry Storm, RIM's first touchscreen device, rolls in
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
ISPs were put on "trial" Tuesday, with hundreds of IT security professionals serving as jurors, for not doing enough to keep subscribers' computers from being compromised and used as tools in attacks on corporate networks.
The plaintiffs, a couple of fictional companies hit by denial of service attacks, argued that ISPs could do more to prevent "zombie" machines used in attacks by scanning subscribers' computers, monitoring traffic and shutting down suspicious network uses. "ISPs are in the best position to take reasonable steps to diminish the threat," argued real-life cybersecurity lawyer Ben Wright, during a mock trial at the Gartner IT Security Summit in Washington, D.C. "It's very difficult to go out and find the hackers who are responsible for these attacks."
But defense lawyer Stewart Baker, a partner in the Washington office of Steptoe and Johnson, argued that it would be a violation of privacy for ISPs to check subscribers' computers. It would be nearly impossible for ISPs to distinguish between legitimate Internet traffic, such as a subscriber's browser updating a weather map every few seconds, and a computer being used in a denial of service attack, added Baker, representing a group of fictional ISPs.
In a distributed denial of service attack, hackers often first take over a group of thousands of computers by sending out a computer worm. The bad guys then use the group of so-called zombie machines, often tied together through an IRC (Internet relay chat) server called a botnet, to mass attack and crash a Web server. Some hackers use these denial of service attacks to extort money from companies by demanding cash to make the attack stop, according to some IT security experts.
Wright compared the ISPs' relative lack of enforcement to the owner of a dangerous piece of property who doesn't buy a fence to keep others out. But Baker suggested it is a computer owner's responsibility to protect against malicious viruses and worms, not the ISP's. Baker asked the audience how many would be willing to stay at a hotel that offered Internet access in exchange for being allowed to scan their computers for possible security vulnerabilities or illegal files such as music downloads. No one in the audience raised a hand.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Simplify Your Branch Infrastructure
Learn how to simplify your branch infrastructure while dramatically increasing app performance with Citrix Branch Repeater.
Download the Free Info Kit
Next-Gen Load Balancing
Free Guide: "Next Gen Load Balancing: 8 Things You Need to Handle Today's Network Traffic" shows you the functionality needed in your next load balancer.
Download the Free Guide
Accelerate Your Web Apps by up to 5x
Free Guide: "The Secret to Getting Maximum Speed from your Web Applications." Learn how you can deliver Web apps up to 5x faster.
Download the Free Guide
Comment