Language Selection

English French German Italian Portuguese Spanish

Mock trial shows ISPs aren't to blame

Filed under
Security

Your Internet service provider isn't to blame if your company is hit with a distributed denial-of-service attack. That was the verdict of IT security professionals in a mock trial staged by Gartner at its IT Security Summit last month, in which ISPs were charged with not doing enough to keep subscribers' computers from being compromised and used as tools in attacks on corporate networks.

The plaintiffs, two fictional companies, argued that ISPs could do more to prevent so-called zombie machines from being used in attacks if they scan subscribers' computers, monitor traffic and shut down suspicious network uses. Real-life cybersecurity lawyer Ben Wright compared the ISPs' lack of enforcement to the owner of a dangerous piece of property (such as a shooting range) who doesn't buy a fence to keep others out.

But Stewart Baker, a partner with Steptoe & Johnson, who defended the fictional ISPs, argued that it would be a violation of privacy for ISPs to check subscribers' computers. Baker suggested that it's a computer owner's responsibility to protect against malicious viruses and worms.

The audience of hundreds of IT security professionals served as the jury, using electronic voting boxes to record their opinions. Only 30 percent backed the fictional plaintiffs. Fifty-four percent supported the ISP position, and 16 percent chose neither.

In a distributed denial-of-service attack, hackers often take over thousands of computers by sending out a worm that collects them, through an Internet relay chat server, into a network called a botnet. The bad guys then use these machines to mass attack and crash a Web server.

Source.

More in Tux Machines

Red Hat News

  • Building MySQL DBaaS on OpenStack And Ceph Clouds
    With a properly configured OpenStack deployment and Red Hat Ceph storage backend, DBaaS clients merely go to a self-service interface and request the number and configuration of databases they require. OpenStack dynamically provisions the required storage capacity from the appropriate Ceph storage pool. No more manual placement of these database instances on MySQL clusters of various shapes and sizes. This manual exercise was a bit like playing the old Tetris game, trying to fit new database instances into fixed-sized clusters, followed by moving or rearranging them to new clusters when they outgrew available capacity.
  • Now available: The Open Organization Leaders Manual
    Available now, The Open Organization Leaders Manual is a community-produced companion to Jim Whitehurst's The Open Organization. With contributions from more than 15 authors, it explores new attitudes and practices leaders should adopt when leveraging the power of transparecy, meritocracy, inclusivity, sharing, and collaboration to build the workplaces of the future.
  • Red Hat Inc (RHT) Stake Maintained by Verde Servicos Internacionais S.A.
  • National Pension Service Purchases 12,387 Shares of Red Hat Inc (RHT)

7 cool little open source projects that stood out in 2016

In the early days of the open source movement, a lot of the attention was on operating systems, and later on large content management systems. These days, containers are mentioned regularly even in mainstream news outlets. The big tech stories are great, but they miss the other great activity in the niches of the open source space. I've rounded up seven interesting lesser-known projects from the past year. You can see more articles about projects like this in my Nooks and Crannies column. Read more

RaspArch, the Arch Linux Remix for Raspberry Pi 3 SBCs, Now Shipping with Yaourt

After announcing the release of a new version of his Ubuntu-based ExTiX Linux operating system for Intel Compute Stick devices, Arne Exton has announced today the availability of RaspArch Build 161205. RaspArch is a remix of Arch Linux ARM for Raspberry Pi 3 and Raspberry Pi 2 single-board computers, and the latest release is shipping with the long-term supported Linux 4.4.35 kernel and the latest package versions released upstream as of December 5, 2016. "When you have installed RaspArch to your Micro SD Card you can use the system like any other Arch Linux system, i.e. install new programs, etc," said Arne Exton in the release announcement. "Arch motto is KISS (Keep It Simple Stupid). RaspArch uses kernel 4.4.35-1-ARCH and the LXDE Desktop environment." Read more

Gentoo-Based Porteus Kiosk 4.2 Released with Linux Kernel 4.4.36, Firefox 45.5.1

Porteus Solutions, through Tomasz Jokiel, announced today the release and immediate availability of Porteus Kiosk 4.2.0, the latest stable version of the free and open source Gentoo-based kiosk operating system for web terminals. Powered by the latest long-term supported Linux 4.4.36 kernel, Porteus Kiosk 4.2.0 ships with some of the latest and greatest GNU/Linux technologies and Open Source software projects, including the recently released X.Org Server 1.18.4 display server, as well as the Mozilla Firefox 45.5.1 ESR and Google Chrome 54.0.2840.100 web browsers. Read more