Language Selection

English French German Italian Portuguese Spanish

ISPs join to 'fingerprint' Internet attacks

Filed under
Security
Web

Leading global telecommunications companies, Internet service providers and network operators will begin sharing information on Internet attacks as members of a new group called the Fingerprint Sharing Alliance, according to a published statement from the new group.

The companies, including EarthLink Inc., Asia Netcom, British Telecommunications PLC and MCI Inc., will share detailed profile information on attacks launched against their networks. Information to be shared will include the sources of attacks. The alliance will make it easier for service providers and network operators to crack down on global Internet attacks more quickly, according to Tom Schuster, president of Lexington, Mass.-based Arbor Networks Inc., which launched the new alliance.

The Fingerprint Sharing Alliance uses technology from Arbor called Peakflow to spot network attacks and automatically generate a profile, or "fingerprint," of the attack in a standard data file format called PCAP. That fingerprint information is passed along to other service providers closer to the source of the attack, which can then block the source of the traffic, Schuster said.

Arbor wrapped features that support the Fingerprint Sharing Alliance into the last release of Peakflow, which came out earlier this year. Alliance members have been using Peakflow to share attack fingerprints since then, Schuster said.

The alliance replaces an ad hoc system of e-mail messages and phone calls that operators of large networks have used to coordinate their response to attacks and threats, Arbor said. Because communication has been cumbersome, ISPs and network owners have had no incentive to share attack information.

The alliance will make it easier for them to cooperate and will lower the threshold that attacks must surpass to get the attention of ISPs. Even attacks on small ISP customers will prompt a response from large infrastructure providers. Peakflow also scrubs the data in fingerprints so alliance members can't use them to sniff sensitive information on competitors, according to Schuster.

"People are realizing that the world is a connected place. We have to empower service providers at the point of origin to have zero tolerance," he said.

Cracking down on those behind even small attacks may also improve the overall health of the Internet and quell raging problems such as "botnets" of zombie computers that are used in large-scale attacks, according to Schuster.

Membership in the alliance is not limited to Arbor customers or Peakflow users. Network owners that are not Arbor customers can generate their own fingerprints and accept PCAP-format fingerprints generated by Alliance members. However, Arbor's technology "speeds up the process considerably" by automatically creating and distributing the fingerprints.

All current members of the alliance are Peakflow customers, and the company's roster of global ISPs gives the program bite, Schuster said.

The alliance is a first step in addressing the problem of Internet attacks. Arbor hopes that the participation of leading service providers will compel competitors, as well as smaller network owners, to take part as well.

By Paul Roberts, IDG News Service.

More in Tux Machines

NHS open-source Spine 2 platform to go live next week

Last year, the NHS said open source would be a key feature of the new approach to healthcare IT. It hopes embracing open source will both cut the upfront costs of implementing new IT systems and take advantage of using the best brains from different areas of healthcare to develop collaborative solutions. Meyer said the Spine switchover team has “picked up the gauntlet around open-source software”. The HSCIC and BJSS have collaborated to build the core services of Spine 2, such as electronic prescriptions and care records, “in a series of iterative developments”. Read more

What the Linux Foundation Does for Linux

Jim Zemlin, the executive director of the Linux Foundation, talks about Linux a lot. During his keynote at the LinuxCon USA event here, Zemlin noted that it's often difficult for him to come up with new material for talking about the state of Linux at this point. Every year at LinuxCon, Zemlin delivers his State of Linux address, but this time he took a different approach. Zemlin detailed what he actually does and how the Linux Foundation works to advance the state of Linux. Fundamentally it's all about enabling the open source collaboration model for software development. "We are seeing a shift now where the majority of code in any product or service is going to be open source," Zemlin said. Zemlin added that open source is the new Pareto Principle for software development, where 80 percent of software code is open source. The nature of collaborative development itself has changed in recent years. For years the software collaboration was achieved mostly through standards organizations. Read more

Arch-based Linux distro KaOS 2014.08 is here with KDE 4.14.0

The Linux desktop community has reached a sad state. Ubuntu 14.04 was a disappointing release and Fedora is taking way too long between releases. Hell, OpenSUSE is an overall disaster. It is hard to recommend any Linux-based operating system beyond Mint. Even the popular KDE plasma environment and its associated programs are in a transition phase, moving from 4.x to 5.x. As exciting as KDE 5 may be, it is still not ready for prime-time; it is recommended to stay with 4 for now. Read more

diff -u: What's New in Kernel Development

One problem with Linux has been its implementation of system calls. As Andy Lutomirski pointed out recently, it's very messy. Even identifying which system calls were implemented for which architectures, he said, was very difficult, as was identifying the mapping between a call's name and its number, and mapping between call argument registers and system call arguments. Some user programs like strace and glibc needed to know this sort of information, but their way of gathering it together—although well accomplished—was very messy too. Read more