Language Selection

English French German Italian Portuguese Spanish

ISPs join to 'fingerprint' Internet attacks

Filed under
Security
Web

Leading global telecommunications companies, Internet service providers and network operators will begin sharing information on Internet attacks as members of a new group called the Fingerprint Sharing Alliance, according to a published statement from the new group.

The companies, including EarthLink Inc., Asia Netcom, British Telecommunications PLC and MCI Inc., will share detailed profile information on attacks launched against their networks. Information to be shared will include the sources of attacks. The alliance will make it easier for service providers and network operators to crack down on global Internet attacks more quickly, according to Tom Schuster, president of Lexington, Mass.-based Arbor Networks Inc., which launched the new alliance.

The Fingerprint Sharing Alliance uses technology from Arbor called Peakflow to spot network attacks and automatically generate a profile, or "fingerprint," of the attack in a standard data file format called PCAP. That fingerprint information is passed along to other service providers closer to the source of the attack, which can then block the source of the traffic, Schuster said.

Arbor wrapped features that support the Fingerprint Sharing Alliance into the last release of Peakflow, which came out earlier this year. Alliance members have been using Peakflow to share attack fingerprints since then, Schuster said.

The alliance replaces an ad hoc system of e-mail messages and phone calls that operators of large networks have used to coordinate their response to attacks and threats, Arbor said. Because communication has been cumbersome, ISPs and network owners have had no incentive to share attack information.

The alliance will make it easier for them to cooperate and will lower the threshold that attacks must surpass to get the attention of ISPs. Even attacks on small ISP customers will prompt a response from large infrastructure providers. Peakflow also scrubs the data in fingerprints so alliance members can't use them to sniff sensitive information on competitors, according to Schuster.

"People are realizing that the world is a connected place. We have to empower service providers at the point of origin to have zero tolerance," he said.

Cracking down on those behind even small attacks may also improve the overall health of the Internet and quell raging problems such as "botnets" of zombie computers that are used in large-scale attacks, according to Schuster.

Membership in the alliance is not limited to Arbor customers or Peakflow users. Network owners that are not Arbor customers can generate their own fingerprints and accept PCAP-format fingerprints generated by Alliance members. However, Arbor's technology "speeds up the process considerably" by automatically creating and distributing the fingerprints.

All current members of the alliance are Peakflow customers, and the company's roster of global ISPs gives the program bite, Schuster said.

The alliance is a first step in addressing the problem of Internet attacks. Arbor hopes that the participation of leading service providers will compel competitors, as well as smaller network owners, to take part as well.

By Paul Roberts, IDG News Service.

More in Tux Machines

Devices/Mobile

  • AsteroidOS is an Open Source OS for Smartwatches
    Florent Revest is a French computer science student who has been working on an open source operating system for smartwatches for the last two years. Yesterday, he officially launched version 1 of the alpha for AsteroidOS. The goal for the platform was to create something that gave smartwatch owners more control over their privacy, as well as the hardware they purchased. Florent feels that the current proprietary platforms do not guarantee this, and this was the basis for AsteroidOS. He wanted his open source smartwatch operating system to provide freedom with free software, more privacy than other wearable platforms offer, interoperability so it could communicate with other devices, modularity that enabled the user to tweak and change the OS as they see fit, the ability to port the software to as many devices as possible, and gathering a community who is passionate about the platform.
  • AsteroidOS Brings Open Source Functionality To Smartwatches
    Smartwatches may not have taken off like companies were hoping, but they have come quite far in terms of what they can offer and what sorts of features are available for the many different models of smartwatches that are out there. Even with the updated functionality of options like Samsung’s Gear S lineup and Android Wear platforms, though, smartwatches can still feel a little bit limiting, and part of this undoubtedly includes the reason that the operating systems aren’t as open as platforms like Android. That is now changing thanks to a platform called AsteroidOS which is an open source operating system for smartwatches.
  • Mini Apollo Lake module takes the heat — and the cold
    Congatec’s “Conga-MA5” is a Linux-ready COM Express Compact Type 10 Mini module with Apollo Lake SoCs, up to 128GB eMMC 5.1, and -40 to 85°C support. Congatec was one of the first embedded vendors to announce computer-on-modules based on Intel’s Atom E3900 and other Apollo Lake Pentium and Celeron SoCs. The offerings included a Qseven module, a SMARC 2.0 module, and a COM Express Compact Type 6 Conga-TCA5. The company has now followed up with a COM Express Compact Type 10 Mini Conga-MA5 module.
  • Top 20 Best Tizen Apps for November 2016, Tizen Smartphone
  • Smartphone game: Indian Football League game comes to the Tizen Store

Security News

Red Hat and Fedora

Technical
  • Red Hat Takes OpenShift Dedicated to Google Cloud Platform
    Red Hat has steadily taken significant steps in the cloud computing arena, expanding the focus of its OpenShift open source Platform-as-a-Service hybrid cloud computing offering, including launching a cloud-hosted commercial edition called OpenShift Online. Now, the company has announced the availability of OpenShift Dedicated on Google Cloud Platform. The new offering brings Red Hat’s container platform as a managed service offering to enterprise customers who want to build, launch, and manage applications on OpenShift Dedicated with Google Cloud Platform as their underlying cloud infrastructure. With the availability of OpenShift Dedicated on Google Cloud Platform, users can speed adoption of containers, Kubernetes, and cloud-native application patterns, according to Red Hat. Users also get access to Google’s global, container-optimized infrastructure and can more easily augment their applications with Google’s ecosystem of data analytics, machine learning, compute, network, and storage services.
  • Red Hat Launches OpenShift Dedicated on Google Cloud Platform
    Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today announced the general availability of OpenShift Dedicated on Google Cloud Platform. The new offering brings Red Hat’s award-winning container platform as a managed service offering to enterprise customers who want to build, launch, and manage applications on OpenShift Dedicated with Google Cloud Platform as their underlying cloud infrastructure. With the availability of OpenShift Dedicated on Google Cloud Platform, users can speed adoption of containers, Kubernetes, and cloud-native application patterns, benefiting from Red Hat’s deep enterprise experience. Users also benefit from Google’s global, container-optimized infrastructure and can more easily augment their applications with Google’s ecosystem of data analytics, machine learning, compute, network, and storage services.
  • Image Gallery: Synnex Cloud Catalyst Conference Featuring Red Hat, XMedius, Plantronics
Financial Fedora/Community
  • Fedora 23 End of Life
    With the recent release of Fedora 25, Fedora 23 will officially enter End Of Life (EOL) status on December 20th, 2016. After December 20th, all packages in the Fedora 23 repositories will no longer receive security, bugfix, or enhancement updates, and no new packages will be added to the Fedora 23 collection. Upgrading to Fedora 24 or Fedora 25 before December 20th 2016 is highly recommended for all users still running Fedora 23.
  • What Is Wayland and What Does It Means for Linux Users
    Fedora 25 is now out. People are buzzing, as the team have decided to make Wayland the default graphical session going forward. For many Linux users Wayland is a new term that has popped up, but one that they do not understand. In this article we’ll briefly go over what Wayland is, what it does, and why developers are flocking to it in droves! What exactly is Wayland? Let’s find out!
  • Korora 25 is Ready
    The Korora Project has released version 25 (codename "Gurgle") which is now available for download. As usual, you can find a list of already known problems at the common F25 bugs page.
  • Fedora Design Interns Update
  • Holiday Break 2016.
    It’s sad I don’t get more time to post here these days. Being a manager is a pretty busy job, although I have no complaints! It’s enjoyable, and fortunately I have one of the best teams imaginable to work with, the Fedora Engineering team.

openSUSE Says Goodbye to AMD/ATI Catalyst (fglrx) Proprietary Graphics Drivers

openSUSE developer Bruno Friedmann, informed the community of the openSUSE Linux operating system about the fact that he's planning to remove the old ATI/AMD Catalyst (also known as fglrx) proprietary graphics drivers. Read more