About

This page contains a single entry from the blog posted on November 24, 2006 9:04 AM.


Partnering with criminals

When criminals have a bigger stick than do authorities who are powerless to defend you, then it's time to worry. Read this archived story "Attack of the Bots" from Wired Magazine of this year.

The story describes the demise of a company called Blue Security. Blue Security was a company with 500,000 customers. Its purpose was to defend companies against spam. Every time its customers received spam, a Blue Security bot would email the spammer. It was using "good" bots to defend itself against "bad" bots sending spam.

What happened in May of this year is that botnet criminals decided to take down Blue Security. To do so, they emailed Blue Security customers letting them know that if they continued to use Blue Security, they would receive 20-40 times more spam and be involved in Denial of Service attacks. Blue Security responded with press releases telling the world that it was an effective deterrent from spam.

The story then takes the reader through a step-by-step account of how Blue Security and other companies associated with it came under huge denial of service attacks. The attacks were so large that the companies in the end admitted defeat and WENT OUT OF BUSINESS.

The story quotes: "We used to call the Internet a sort of Wild West," "Now it's more like Chicago in the 1920s with Al Capone."

What did authorities do? Nothing. The attacks come from computers controlled all over the world. They therefore cross international borders, and there is currently nothing in place in international law to effectively protect against a denial of service attack.

As I have documented in a previous blog, the underlying DNS problems with recursive servers, with approximately 50% of DNS servers being recursive, enable these attacks by bots. Further, the ability to spoof DNS ID headers also enables the bots to spoof the victim's address in a DNS request. Finally, the size of these types of attacks can bring down whole portions of the internet.

IN OTHER WORDS THERE IS NO SOLUTION IN SIGHT.

What should a company do to protect itself against this type of attack? From my own personal perspective, I think the only answer at the moment is to PARTNER WITH CRIMINALS and pay them off to protect your enterprise against these types of attacks by threatening other criminals with a bigger stick. If your business relies upon the internet for a significant amount of your business, there is no other choice at the moment. The police can't stop these attacks. They can only do a limited amount of prosecution.

It is time for international laws with teeth to be put in place to prosecute criminals doing Denial of Service attacks. This on its own won't prevent these types of attacks until recursive DNS servers are almost eliminated and DNSSEC (a technology with lots of problems but a better solution than having nothing) is implemented.

The chances of this happening are slim to non-existent in the next two years. It is time to let politicians and internet regulatory authorities know that this situation must change such that we don't have to partner with criminals to keep our internet doors open.

Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com

