Finding ways to limit DoS attacks and SMS spam by making it harder to spoof the origin of electronic communications is on the agenda at a telecommunications standards meeting next week -- but civil rights advocates worry it could put an end to anonymity on the Internet.
Making it possible to trace the origin of all Internet traffic "raises grave concerns in terms of facilitating government repression," said Jim Dempsey, vice president for public policy at the Center for Democracy and Technology. "I'm skeptical of the claimed benefits for security."
At a meeting of the International Telecommunication Union (ITU) in Geneva this week, telecoms experts will discuss draft recommendation X.tb-ucr, Trace back use case and requirements, looking at ways to identify the source of packets sent across IP (Internet Protocol) networks.
"Knowing the source of traffic is essential for settlements and infrastructure protection, and more recently for preventing attacks on the network," said Tony Rutkowski, one of the members of the ITU working party on telecommunication security and also vice president for regulatory affairs and standards at Verisign.
Packets on IP networks are marked with the address of their source and destination. As the packets hop from router to router to reach their destination, routers make no note of where they came from. If the source address indicated on packets is spoofed, or fake, then there is no easy way to find out who is originating the traffic.
That's not necessarily a problem, unless the traffic is causing a nuisance, as is the case during a DoS (denial of service) attack on a server, for instance.
At one stage, said Rutkowski, around 10 percent of the requests reaching Verisign's DNS (Domain Name Servers) were from people trying to conduct DOS attacks. "We used to have our own traceback capability," he said.
At telcos, the CFO wants to know where that Internet traffic is coming from too. Carriers are seeing more SMS (Short Message Service) and VOIP (voice over IP) traffic from Internet gateways, and they have a right to charge the originators for delivering it. When the source of this traffic is concealed or spoofed, they don't know whom to bill. Such phantom traffic could be costing network operators hundreds of millions of dollars a year, Rutkowski said.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Business Intelligence and Enterprise Performance Management: Trends for Emerging Businesses
Data grids and service-oriented architecture
Email Archiving 101—Customer Case Study
Taking On Demand CRM Integration to the Next Level
Solve Exchange Mailbox Storage Issues Once and for All
Strategies for Eliminating .PST Files
Achieving the impossible: Unlimited application scalability
Know thy self: Reduce costs, secure data and ensure compliance with identity management
Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Vignette Announces 2008 Excellence Awards 2008-11-21 10:50:00+11
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 2008-11-20 17:34:00+11
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 2008-11-20 12:06:00+11
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 2008-11-20 12:04:00+11
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 2008-11-20 12:02:00+11
Enterprise Wireless WLAN Security
Learn more about the security challenges to be faced when defining and implementing security mechanisms within diverse wired and wireless network environments. Download this must-read guide to plan your wireless data protection strategy now.
Buying Guides
Latest Products
