|
|
Rubrik: World-wide News/Products & News Denial
of Service Attacks Targeted Across Cisco and Juniper Infrastructure Products Intrusion
Prevention Provide Preemptive Network Infrastructure (23.04.05)
- TippingPoint, a division of 3Com, announced its suite of Intrusion
Prevention Systems (IPS) provided preemptive infrastructure protection for
numerous Denial of Service (DoS) attacks affecting several products including
infrastructure products from Cisco and Juniper. Without an IPS solution that
offers immediate protection and works seamlessly with any vendor's networking
equipment, enterprises must scramble to quickly deploy security patches for
each individual product they use, and only when the vendor makes the patch
available.
Anzeige
Denial of
Service attacks typically result in a loss or degradation of network
connectivity or services. Customers using TippingPoint's IPS are protected
from the new infrastructure attacks and other DoS attacks, regardless of the
equipment used in their network. "Intrusion
prevention is an important component of protecting critical network
infrastructure," said TippingPoint's Director of Digital Vaccine David
Endler. "By design, most infrastructure products are not dynamically or
automatically updated, and therefore, require IT personnel to manually
implement individual patches on affected machines once they are finally made
available by an equipment vendor and only during pre-defined IT maintenance
windows. Intrusion prevention is part of the network infrastructure and is
able to protect against attacks on routers and switches immediately, when
placed in front of such products." The
Denial of Service attacks were disclosed through the Internet Engineering
Task Force (IETF) document entitled "ICMP Attacks Against TCP," http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt
Technical Description of Attacks The DoS
attacks allow an attacker to reset or degrade an established Transmission
Control Protocol (TCP) connection by spoofing Internet Control Message
Protocol (ICMP) messages. This could have implications for devices that
require constant connections, such as routers that support BGP peering. Infrastructure
protection for these ICMP attacks was delivered to TippingPoint customers
with a new batch of security filters addressing the newly announced Microsoft
vulnerabilities and DoS infrastructure attacks. For customers with
TippingPoint network-based protection, vulnerable infrastructure products are
protected by the TippingPoint IPS. TippingPoint also protects other
technologies affected including Microsoft, IBM and Sun Microsystems. For the
full list of vendors affected and technical details about the attacks, please
visit: http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.
(3 Com: Tipping Point: ma) |
||
|
|||
| Anzeige | |||
|
|
