Latest CERT/CC attack trends
Sean Donelan
sean at donelan.com
Wed Apr 10 03:17:09 UTC 2002
CERT/CC has published a paper on the latest trends in malicious
attacks (not accidents, operator error, etc) on the Internet.
http://www.cert.org/archive/pdf/attack_trends.pdf
CERT/CC identifies four increasing trends affecting the network
infrastructure:
1. Distributed Denial of Service - From an infrastructure point
of view this is a resource exhaustion issue (bandwidth, arp
tables, cpu, etc)
2. Worms - Really a vector rather than a different attack, how the
attack payload is delivered
3. Attacks on the Domain Name System - Registry security, cache issues
at all levels, out of date server software
4. Attacks against or using routers - Transitive trust issues,
control/data seperation, poorly secured routers used as attack
platforms
More information about the NANOG
mailing list