Major Carriers Ally to Share Attack Fingerprints

A new alliance will allow major carriers to share DoS attack information in real-time, helping ISPs nip disruptions close to the bud.

By Michael Hall | Posted Mar 28, 2005
Page of   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

A new alliance led by Arbor Networks will allow network operators to share information about Internet-based attacks automatically. The company has announced support from a number of major carriers.

The Fingerprint Sharing Alliance has signed on 18 members so far, including Cisco, Earthlink, MCI, Rackspace, and British Telecom. The primary focus of the alliance will be distribution of attack profiles, or "fingerprints" among the members in real-time, using Arbor's Peakflow SP, a tool designed to thwart denial of service (DoS) attacks (define).

According to Arbor, alliance members will use Peakflow SP to analyze surges in network traffic to determine whether the activity is either legitimate "flash traffic" brought on by a planned event, or malicious activity that's the result of a DoS or worm attack. If the traffic is classified as malicious, a fingerprint will be generated and disseminated to upstream service providers for analysis and mitigation, "identifying and removing compromised hosts as close to the internet ingress points as possible."

Whitepapers and presentations on the new alliance are available on Arbor's Web site.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter