[46759] in North American Network Operators' Group
Latest CERT/CC attack trends
daemon@ATHENA.MIT.EDU (Sean Donelan)
Tue Apr 9 23:19:16 2002
Date: Tue, 9 Apr 2002 23:17:09 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: nanog@merit.edu
Message-ID: <Pine.GSO.4.40.0204092246290.411-100000@clifden.donelan.com>
CERT/CC has published a paper on the latest trends in malicious
attacks (not accidents, operator error, etc.) on the Internet.

http://www.cert.org/archive/pdf/attack_trends.pdf

CERT/CC identifies four increasing trends affecting the network
infrastructure:

1. Distributed Denial of Service - From an infrastructure point
   of view this is a resource exhaustion issue (bandwidth, arp
   tables, cpu, etc.)
2. Worms - Really a vector rather than a different attack, how the
   attack payload is delivered
3. Attacks on the Domain Name System - Registry security, cache issues
   at all levels, out-of-date server software
4. Attacks against or using routers - Transitive trust issues,
   control/data separation, poorly secured routers used as attack
   platforms