Trends in network operator security
It's 2003 and everyone is making their predictions. What trends are network operators seeing for Internet security?

Old favorites
- Buffer overflows
- Distributed Denial of Service
- Poor passwords (cisco/sanfran)
- Poorly coded systems
- Blame the user for not protecting poorly coded systems

Trends
- Attack the network (why? because we can)
- Proxy relay hiding (it's not just for SMTP anymore)
- Combo Bot/Trojan/Worms
- Embedded software "upgrades"

Any other trends network operators are seeing?

On Wed, 8 Jan 2003, Sean Donelan wrote:

:It's 2003 and everyone is making their predictions. What trends are
:network operators seeing for Internet security?

- Backdoors will be found in every major OS after they have been shipped on disk.
- More reports of trojaned packages.
- Resurgence of the "cc" conspiracy that says all code is backdoored by the compiler.
- Dealing with mountains of IDS data. Especially as customers and investors demand the use of these kinds of technologies.
- Demands from LEOs regarding tracking users of wireless networks. General legal attacks on any technology that facilitates anonymity.
- Blame shifted to the service provider for vulnerabilities, more ISPs will get into the managed security business. They will be the next big vertical for MSS companies.
- Spam will finally be widely recognized as a security issue. My pet definition of spam being any message that relies on the lack of policy enforcement features in mail protocols for delivery, will be widely adopted.
- Lots of new exploits affecting image processing and multi-media libraries and applications.

:Any other trends network operators are seeing?

Multi-payload and multi-attack vector worms and viruses. More hostile code that uses mail and file shares to spread.

Tunneling protocols and applications to evade firewalls, and detection.

Security, security and more security.

How did people's predictions from last year fare?

--
batz

So I said some things around this time last year and it's funny how things turned out.

On Thu, 9 Jan 2003, batz wrote:

:Date: Thu, 9 Jan 2003 13:29:52 -0500 (EST)
:From: batz <batsy@vapour.net>
:To: Sean Donelan <sean@donelan.com>
:Cc: nanog@merit.edu
:Subject: Re: Trends in network operator security
:
:On Wed, 8 Jan 2003, Sean Donelan wrote:
:
::It's 2003 and everyone is making their predictions. What trends are
::network operators seeing for Internet security?
:
:- Backdoors will be found in every major OS after they have been shipped
:  on disk.

Alright, this was wrong, except for a few break-ins discovered at sourceforge, debian.org and others. There was no evidence that compromised code made it to the CD distros. However, in a discussion about how to most effectively do this, it would be sneakier to just submit crappy exploitable code than a real and insidious backdoor.

If you are feeling generous, you could give me this one for indirectly predicting attacks against OS distribution sites.

:- More reports of trojaned packages.

See above.

:- Resurgence of the "cc" conspiracy that says all code is backdoored
:  by the compiler.

My bad. Variation on the same theme anyway.

:- Dealing with mountains of IDS data. Especially as customers
:  and investors demand the use of these kinds of technologies.

Yup. Massive movement on this. DShield's CIDR and ASN queries, the explosive growth in IDS data mining tools make this a sound call.

:- Demands from LEOs regarding tracking users of wireless networks.
:  General legal attacks on any technology that facilitates anonymity.

Yup. It was near the end of the year, but police are starting to scratch their heads on how to find users of wireless networks surfing for nasty things.

http://www.pulse24.com/News/Top_Story/20031121-023/page.asp

:- Blame shifted to the service provider for vulnerabilities, more ISPs
:  will get into the managed security business. They will be the next big
:  vertical for MSS companies.

Eh, dunno about this. Yes, everyone is a managed security services provider these days. Your call.

:- Spam will finally be widely recognized as a security issue. My pet
:  definition of spam being any message that relies on the lack of
:  policy enforcement features in mail protocols for delivery, will be
:  widely adopted.

Yup. It isn't just a boring administrative issue anymore, spammers are writing viruses, worms and hijacking IP address space. The idea of whitelisting or authenticating email is part of the mainstream.

:- Lots of new exploits affecting image processing and multi-media
:  libraries and applications.

Yup. I got a kick out of this one. Sad but true. MP3 and other player exploits were popular for the first part of the year.

:Multi-payload and multi-attack vector worms and viruses. More
:hostile code that uses mail and file shares to spread.

Yup. This was an easy one, bordering on a horoscope, but right nevertheless.

:Tunneling protocols and applications to evade firewalls,
:and detection.

Eh, maybe not. At least nothing really mainstream.

:Security, security and more security.

Yup.

I'll have a new list ready in a bit. I'll try to be more specific and aim for accuracy.

Happy New Year :)

--
batz