SAN JOSE, Calif. (September 17, 1996) - Following several reports ofassaults on commercial Web sites and network devices by anonymoushacker(s), Cisco Systems Inc. is taking several steps to inform itscustomers how they might address a potential threat to their networks.
Cisco called more than 40 leading Internet service providers (ISPs)worldwide Monday to notify them of the possibility of isolated electronicattacks targeted at Web sites and network devices connected to theInternet. Cisco informed the ISPs of software capabilities that could beimplemented to resist attacks of the type seen recently.
One problem occurs when a hacker floods a Web server or network device witha huge volume of requests for connection. Because these messages havefalse return addresses, however, the connections cannot be established.The large volume of unresolved open connections eventually overwhelms theserver or network device and may cause the server or network device to denyservice.
In the past week, Cisco has collaborated with ISP customers to understandthe implications of potential attacks and share information on how they canbe resisted. At least one ISP has installed a Cisco-recommended softwareimplementation that successfully restored network service after having beenattacked. The same implementation is currently in place to resist futureattacks on the same system. This implementation has been shared with ISPsas a preventive measure.
"We view it as our responsibility to lead the industry in helpingcustomers resist malicious attacks," said Don Listwin, senior vicepresident of Cisco IOS development and marketing for Cisco Systems. "We areapplying our expertise in Internet technology and large-scale networking tohelp ISPs develop both short- and long-term solutions for increased networksecurity and reliability."
Web sites on the Internet are typically connected by network devicescalled routers. Thus, Cisco engineers believe an ISP or corporate networkcould be targeted by attacks at the network level in addition to the serverlevel. Because of the potential threat to their networks, Cisco hasinitiated discussions with ISPs to share what Cisco knows and suggestimmediate steps that can be taken to reduce vulnerability. Cisco hasexisting security products throughout networks worldwide and iscontinuously developing new products to continue to address the need forincreased network security.
Due to the intelligence of routers and firewall products, they are keytechnologies for resisting attacks of the nature that have been launched inrecent days. By design, routers and firewalls are intelligent devices withthe ability to examine the source of traffic and block traffic fromunauthorized sources. The ubiquitous role routers play in the Internetmakes them a natural place to implement security capabilities. Ciscoprovides more than 80 percent of the routers in the global Internet.
In addition to working with ISPs, Cisco also has initiated contacts withother networking device and server manufacturers, to share information andcoordinate activity.
