Trying to plug all the holes and vulnerabilities in networks linked to the Internet is like trying to keep mice out of the kitchen cabinets: you can close the drawers and batten down the hatches, but chances are, there's still a way in for the determined intruder.
A new public Web site sponsored by network security vendor Axent Technologies will try to make the situation more manageable by giving network managers a bird's-eye view of current security threats and tips on how to counter them. Scheduled for launch on Thursday, the site will provide comprehensive and detailed information about hacking techniques and other tactics used to disrupt Web-site operations and break into networks.
Axent has dedicated a five-employee "SWAT team" to "anticipate and reproduce attacks likely to occur or [which] are occurring in the network," said Robert Clyde, vice president and general manager of the security management business unit in Provo, Utah. That information, in turn, will be posted on a daily basis to a Web site where network managers can go as a one-stop shop for all the current information on network attacks. The information will range from step-by-step instructions on how to implement a specific attack, to links to hackers' own pages where hacks are described. And perhaps more importantly, Clyde said, information on how to prevent or detect the attacks will be provided.
"Almost all hacks are against known vulnerabilities and are fixable. Precious few are against things we don't know how to solve easily," said Peter Tippett, president of the National Computer Security Association. However, Tippett added that the biggest problem with attack information is that IS managers inevitably want to know how potential threats will affect their specific systems and configurations. To date, nobody has been able to develop a "smart system" that accomplishes that, although several consulting services - including NCSA and Internet Security Systems - will do an analysis of a company's network and specify potential security holes.
Several consulting and analyst groups like NCSA put out newsletters that provide information on network security, but putting together all the pieces can be difficult and time-consuming, Clyde said. Beyond that, security vendors have been reluctant to describe attack tactics in detail, fearing that copycats will then exacerbate the problem. But Clyde said that information on hacks is now widely available and "the bad guys know where to get it."
"A lot of people have a big learning curve to overcome, and any kind of information made available is useful," said Richard Power, editorial director with the Computer Security Institute in San Francisco. "There are a lot of environments where security hasn't been an issue up until now, but the Internet, with electronic commerce and email, has changed all that."
