From owner-freebsd-isp Wed Sep 18 18:28:54 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA06869 for isp-outgoing; Wed, 18 Sep 1996 18:28:54 -0700 (PDT) Received: from pinky.junction.net (pinky.junction.net [199.166.227.12]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id SAA06847 for ; Wed, 18 Sep 1996 18:28:51 -0700 (PDT) Received: from sidhe.memra.com (sidhe.memra.com [199.166.227.105]) by pinky.junction.net (8.6.12/8.6.12) with ESMTP id RAA11008; Wed, 18 Sep 1996 17:42:05 -0700 Received: from localhost (michael@localhost) by sidhe.memra.com (8.6.12/8.6.12) with SMTP id SAA06281; Wed, 18 Sep 1996 18:22:43 -0700 Date: Wed, 18 Sep 1996 18:22:41 -0700 (PDT) From: Michael Dillon To: inet-access@earth.com cc: iap@vma.cc.nd.edu, linuxisp@jeffnet.org, freebsd-isp@freebsd.org, os2-isp@dental.stat.com Subject: Cisco addresses SYN attacks? (fwd) Message-ID: Organization: Memra Software Inc. - Internet consulting MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >====================================================================== > > SAN JOSE, Calif.--(BUSINESS WIRE)--Sept. 17, 1996--Following >several reports of assaults on commercial Web sites and network >devices by anonymous hacker(s), Cisco Systems, Inc. is taking >several steps to inform its customers regarding how they might >address a potential threat to their networks. > Cisco called more than 40 leading Internet service providers >(ISPs) worldwide Monday to notify them of the possibility of isolated >electronic attacks targeted at Web sites and network devices >connected to the Internet. Cisco informed the ISPs of software >capabilities that could be implemented to resist attacks of the type >seen recently. > One problem occurs when a hacker floods a Web server or network >device with a huge volume of requests for connection. Because these >messages have false return addresses, however, the connections cannot >be established. The large volume of unresolved open connections >eventually overwhelms the server or network device and may cause the >server or network device to deny service. > In the past week, Cisco has collaborated with ISP customers to >understand the implications of potential attacks and share >information on how they can be resisted. At least one ISP has >installed a Cisco-recommended software implementation that >successfully restored network service after having been attacked. > The same implementation is currently in place to resist future >attacks on the same system. This implementation has been shared with >ISPs as a preventive measure. > "We view it as our responsibility to lead the industry in helping >customers resist malicious attacks," said Don Listwin, senior vice >president of Cisco IOS development and marketing for Cisco Systems. >"We are applying our expertise in Internet technology and large-scale >networking to help ISPs develop both short- and long-term solutions >for increased network security and reliability." > Web sites on the Internet are typically connected by network >devices called routers. Thus, Cisco engineers believe an ISP or >corporate network could be targeted by attacks at the network level >in addition to the server level. Because of the potential threat to >their networks, Cisco has initiated discussions with ISPs to share >what Cisco knows and suggest immediate steps that can be taken to >reduce vulnerability. > Cisco has existing security products throughout networks >worldwide and is continuously developing new products to continue to >address the need for increased network security. > Due to the intelligence of routers and firewall products, they >are key technologies for resisting attacks of the nature that have >been launched in recent days. By design, routers and firewalls are >intelligent devices with the ability to examine the source of traffic >and block traffic from unauthorized sources. > The ubiquitous role routers play in the Internet makes them a >natural place to implement security capabilities. Cisco provides >more than 80 percent of the routers in the global Internet. > In addition to working with ISPs, Cisco also has initiated >contacts with other networking device and server manufacturers, to >share information and coordinate activity. > Cisco Systems (NASDAQ:CSCO) is the leading global supplier of >internetworking solutions for corporate intranets and the global >Internet. Cisco's products -- including routers, LAN and WAN >switches, dial-up access servers and network management software -- >are integrated by Cisco IOS software to link geographically >dispersed LANs, WANs and IBM networks. > Company news and product/service information are available at >World Wide Web site http://www.cisco.com. Cisco is headquartered in >San Jose, Calif. > Note to Editors: Cisco IOS and Cisco Systems are trademarks, and >Cisco and the Cisco Systems logo are registered trademarks of Cisco >Systems, Inc. All other trademarks, service marks, registered >trademarks or registered service marks mentioned in this document are >the property of their respective owners. > > CONTACT: Cisco Systems, Inc. > Bob Michelet, 408/526-6636 > bmichele@cisco.com > Adam Stein, 408/526-7388 > astein@cisco.com > or > Cunningham Communication, Inc. > Lisa Hempel, 408/764-0738 > lisah@ccipr.com > > KEYWORD: CALIFORNIA > INDUSTRY KEYWORD: COMED COMPUTERS/ELECTRONICS >INTERACTIVE/MULTIMEDIA/INTERNET > >