Denial of Security Holes Can Lead to Denial of Service

Vigilance of security-related issues -- not just breaches -- remains a key issue for network administrators. What preventative measures have you taken to assure you won't be victimized by a DoS attack? What more can you do that you're not doing? Read on...

By Linda Paulson | Posted Dec 19, 2001
Page 1 of 3
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Vigilance of security-related issues -- not just breaches -- remains a key issue for network administrators. Issues essential to enterprise security are multifold. To truly be prepared, IT professionals should be aware of basic issues, such as Denial of Service (DoS) attacks and user authentication, as well as potential vulnerabilities.

Perhaps the biggest problem is denial. Denial, as in failure to admit security problems. Estimated security-related losses are routinely under-reported. Although it is too early yet to estimate such losses for 2001, once analysts have sifted through the data, those figures will undoubtedly be low. "We see it every day, where companies don't want to admit that their networks have gotten infected with a virus or compromised by a backdoor Trojan," says Joe Hartmann, director of North American Anti-Virus Research for TrendMicro.

This is a profound problem with implications directly affecting the bottom line. There remains enterprises with poor firewall installations, if any. Network administrators fail to provide minimal or adequate virus protection. These extremely basic elements are now requirements.

One need only think about the words Denial of Service to know how adversely not having network resources available can be to an enterprise.

DoS attacks are most often initiated by something as simple as an employee unwittingly downloading an e-mail message to which a malicious executable file is attached.

"One of the biggest problems I have seen over the last 12 month is that many employees have outside e-mail accounts, which are often not scanned by anti-virus software," says Hartmann. Some anti-virus software does not scan attachments downloaded from web-based or POP3 e-mail accounts.

Additional problems arise from using instant messaging, now vectors for virus infection. "System administrators now have to make the difficult decision if they want to permit these type of chat programs -- which can be indeed quite useful," he says, "or if they want to block them, due to all the potential security problems."

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter