http://www.zdnet.com/intweek/stories/news/0,4164,2807746,00.html By Brian Ploskina Interactive Week August 27, 2001 If there is anyone that should know about denial-of-service attacks, it would be Network Associates Inc.. The security technology company was hit by one in late January, bringing parts of its site to a screeching halt. Whether it's out of irony or vindication, NAI's antivirus unit McAfee.com has launched a preliminary assault on DoS attacks that it hopes will illustrate its leadership as a security powerhouse. McAfee's detractors aren't so sure it can fulfill that promise. "In the end, something might come out of this, but in the short term, I'm a little skeptical," said Parag Pruthi, CEO of security firm Niksun. "This only works for them in the short term for publicity." McAfee's approach to fighting DoS attacks was to partner last week with several industry leaders in DoS prevention: Arbor Networks, Asta Networks and Mazu Networks. The competition between those three, as well as Captus Networks and Pruthi's Niksun, has been fierce so far because the market is new and no one has taken a clear lead yet. McAfee representatives hope that through collaboration and research McAfee's customers will be able to download some kind of software that defends them against DoS attacks. "Our thought process behind this was that while we have great researchers, we looked to see if there were other resources we could tap to gain more knowledge into this fight on denial-of-service attacks," said Vincent Gullotto, senior director of McAfee's research unit. It's this notion of collaboration, research and feel-good politics that Pruthi is pessimistic about. He feels a research system dependent on three companies that compete with each other will produce very few results. "You can't share your intellectual property with someone else," Pruthi said. "You're walking on pins and needles all the time, and it becomes a rather difficult situation for the members involved." Pruthi would know. Early last year, Niksun joined the Alliance for Internet Security, a research group whose members consist of security companies and whose mission is to fight distributed network attacks such as DoS. The AIS is run by ICSA Labs, an independent organization that is now a division of TruSecure. The alliance was formed in the wake of well-publicized DoS attacks such as the ones on eBay and Yahoo!. Since then, Pruthi said, nothing has really been accomplished. "We raised awareness and people understood the problems, but did the collaborations happen in a way I would expect them to happen? No," Pruthi said. "I was disappointed because real results were never made available to customers." Pruthi said that if this was the end result of an independent organization, he holds little faith in McAfee's new partners and their abilities to collaborate effectively. But no one is making any bold statements about how this new coalition will work, said Ted Julian, Arbor's chief strategist and co-founder. He said that there is a strong intent for all companies involved to work together, but how closely has yet to be defined. Julian admitted that research collaboration could be an issue, but no one has defined how closely these companies need to work together. "We are early in the stage of this thing, and it was appropriate that none of us made bold claims," he said. However, McAfee claimed that this collaboration would produce a "new solution that will not only identify when networks are under attack, but also whether systems are unknowingly participating in attacks against other sites." As for those claims by McAfee, Julian said: "I think it was clear who was in the driver's seat on this release." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Aug 28 2001 - 08:39:38 PDT