Skip to main content /TECH with /TECH

New tools address denial-of-service threat


(IDG) -- Concerns about denial-of-service attacks are resulting in a growing number of products and services aimed at helping companies detect, trace and block the threat. But most of the technologies do little to prevent such attacks outright, users said.

Denial-of-service attacks basically make computer systems inaccessible by overloading servers or networks with useless traffic so legitimate users can no longer access those resources.

Last week, Cambridge, Mass.-based start-up Mazu Networks Inc. became the latest vendor to announce services based on intelligent traffic analysis and filtering technology, which it claimed will help companies better deal with such attacks. INFOCENTER
Related Stories
Visit an IDG site

Mazu joins others, such as Waltham, Mass.-based Arbor Networks Inc., North Brunswick, N.J.-based Niksun Inc. and Seattle-based Asta Networks Inc., all of which have announced services in this space during the past few months.

While each vendor claims to offer varying capabilities, the basic focus is on tackling denial-of-service attacks not just at corporate Web sites but also at the Internet service provider level before denial-of-service traffic actually hits corporate Web servers, users said.

Such capabilities are crucial for companies at a time "when denial-of-service attacks are becoming more pernicious and are happening with increasing frequency," said Laura DiDio, an analyst at Giga Information Group Inc. in Cambridge, Mass.

But while these products may be technically good point solutions, the question that corporations need to ask is whether the products will scale enough to meet the requirements of the largest organizations, DiDio added.

Such products help by giving administrators early notice of a developing attack. They also give administrators the ability to trace an attack back to its origins and filter out the offensive traffic much faster than current manual processes can, said Amer Moujtahed, director of systems engineering at Epoch Networks Inc., a Costa Mesa, Calif.-based Internet service provider.

For instance, Mazu's monitoring devices that are distributed at multiple network points constantly analyze traffic, looking for network behavior that indicates the onset of a denial-of-service attack, such as a sudden unexplained surge in traffic. Information gathered from all of the devices provides a broad picture of network traffic patterns that Mazu claims will help users detect an attack, identify its source and stop it as close to its origin as possible.

Arbor Networks collects comparable information and performs a similar analysis by setting up monitoring points both inside a corporate firewall and on the pipes leading into the corporate network from an Internet service provider.

Niksun adds a layer by offering an archival capability that let customers perform forensic analysis on an attack, said Niksun President Parag Pruthi.

The idea behind such approaches is that when a "particular traffic pattern or hostile algorithm is detected, we are notified so we can make a decision whether to shut down our server or not," said Alex Golin, a vice president at Hamilton Scientific Ltd., a Roseland, N.J.-based application service provider for health care providers that's planning to use Niksun's technology on its networks.

One year after DoS attacks, vulnerabilities remain
February 8, 2001
EU unveils plan to fight cybercrime
January 31, 2001
Center to be established for cyber-security
January 16, 2001
Attacks on IRC network hurt other Web services
January 10, 2001
Feds warn about rise in attacks against e-commerce sites
December 7, 2000
Exchange bug could be exploited for denial-of-service attacks
November 6, 2000

Deconstructing DoS attacks
(Unix Insider)
Asta Networks claims cure for DoS attacks
Denial-of-service threat gets IETF's attention
(Network World Fusion)
Denial-of-service attacks still a big threat
DoS attack tool uses relay chat
(Network World Fusion)
New DDoS tools being developed
DoS attacks: A problem of the information age
(Unix Insider)
How to prevent DoS attacks

Mazu Networks, Inc.
Arbor Networks Inc.
Niksun Inc.
See related sites about Science and Technology

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


4:30pm ET, 4/16

Back to the top