Denial of Security Holes Can Lead to Denial of Service

Vigilance of security-related issues -- not just breaches -- remains a key issue for network administrators. What preventative measures have you taken to assure you won't be victimized by a DoS attack? What more can you do that you're not doing? Read on...

By  Linda Paulson | Dec 19, 2001
Page 1 of 3
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Vigilance of security-related issues -- not just breaches -- remains a key issue for network administrators. Issues essential to enterprise security are multifold. To truly be prepared, IT professionals should be aware of basic issues, such as Denial of Service (DoS) attacks and user authentication, as well as potential vulnerabilities.

Perhaps the biggest problem is denial. Denial, as in failure to admit security problems. Estimated security-related losses are routinely under-reported. Although it is too early yet to estimate such losses for 2001, once analysts have sifted through the data, those figures will undoubtedly be low. "We see it every day, where companies don't want to admit that their networks have gotten infected with a virus or compromised by a backdoor Trojan," says Joe Hartmann, director of North American Anti-Virus Research for TrendMicro.

This is a profound problem with implications directly affecting the bottom line. There remains enterprises with poor firewall installations, if any. Network administrators fail to provide minimal or adequate virus protection. These extremely basic elements are now requirements.

One need only think about the words Denial of Service to know how adversely not having network resources available can be to an enterprise.

DoS attacks are most often initiated by something as simple as an employee unwittingly downloading an e-mail message to which a malicious executable file is attached.

"One of the biggest problems I have seen over the last 12 month is that many employees have outside e-mail accounts, which are often not scanned by anti-virus software," says Hartmann. Some anti-virus software does not scan attachments downloaded from web-based or POP3 e-mail accounts.

Additional problems arise from using instant messaging, now vectors for virus infection. "System administrators now have to make the difficult decision if they want to permit these type of chat programs -- which can be indeed quite useful," he says, "or if they want to block them, due to all the potential security problems."

jfreund@internet.com

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter
Helpful Links

  • Yankee Group Mobile WAN Optimization Report

    Mobile work continues to evolve. Your organization must keep up with the demands of its mobile workforce. This report introduces the concept of mobile WAN optimization and provides three case studies including RCM, PRTM and Einstein that highlight how this emerging technology can help IT departments achieve what previously appeared to be conflicting goals. Read >

  • Network Security Resources

    More threats than ever before pose a danger to today's enterprise network. Get the latest tips and intel on the newest risks in our guide to network security resources. Read >

  • Extreme Savings: Cutting Costs with WAN Optimization

    Did you know it's possible to cut IT costs without impacting day-to-day IT operations? In fact, when you download this whitepaper from Riverbed on cost-savings through WAN optimization, you'll discover how businesses of all different sizes have realized a return on investment in just a few months through significant hard cost savings in areas such as bandwidth reduction and IT consolidation. It's called Extreme Savings and its only from Riverbed. Read >