
Friday, July 31, 2009

Symantec: Why bigger is better but less is more

4 Ways to Catch a Liar; E-commerce Fraud: The Latest Criminal Schemes

Compliance Alert


Spotlight Story
Symantec: Why bigger is better but less is more

Symantec likes to point out how much bigger it is than competitors like McAfee, which at $1.6 billion in annual revenue is about a quarter of Symantec's size. But it also has come to recognize that bigness has its downsides, such as confusion that can stem from having too many products.

Related News:

4 Ways to Catch a Liar
Most people lie, whether they're covering up something sinister or just embarrassed over a mistake. Research conducted a few years ago at the University of Massachusetts found that 60 percent of participants lied at least once during an observed 10-minute conversation.

E-commerce Fraud: The Latest Criminal Schemes
E-commerce fraud costs retailers approximately $4 billion each year, according to the most recent results of an annual survey conducted by Cybersource, a provider of electronic payment and risk management services. Sebbe Jones, manager of fraud and disputes at 2Checkout, is in the business of keeping e-commerce fraud at bay.

July Giveaways
Cisco Subnet is giving away 15 copies each of books on Enterprise Web 2.0 and Building a Greener Data Center; Microsoft Subnet is giving away training from New Horizons to one lucky reader and 15 copies of Microsoft SQL Server 2008 Reporting Services Unleashed. Entry forms can be found on the Cisco Subnet and Microsoft Subnet home pages. Deadline for entries July 31.


July 31, 2009

TOP STORIES

  1. iPhone SMS attack to be unleashed at Black Hat
  2. Mystery solved: MS emergency patch precedes Black Hat session
  3. Clampi Trojan plunders financials for botnet
  4. CERT and ISC warn about BIND9 DNS vulnerability
  5. 5 technologies Iran is using to censor the Web
  6. Microsoft-Yahoo will change cloud computing
  7. Cloud computing confusion reigns in U.S. government
  8. Black Hat's most notorious incidents
  9. What business is Cisco in today?
  10. Cisco fixes critical WLAN flaws

Network World, Inc., 492 Old Connecticut Path, Framingham, MA 01701
Copyright Network World, Inc., 2009




Give your SysAdmin a hug today; Firefox cracks 1 billion

Firefox cracks 1 billion downloads; MI5 website reportedly hacked

Daily News PM Alert


Spotlight Story
Have you hugged your SysAdmin today?

When your e-mail works today or the application you depend upon responds quickly, don't forget to thank your company's system administrator – after all, today is System Administrator Appreciation Day. Really.

Related News:

Firefox cracks 1 billion downloads
Less than five years after its initial release, Mozilla's Firefox Web browser has hit its one billionth download.

MI5 website reportedly hacked
MI5's official site has been hacked in a bid to steal the identities of visitors to the site, according to media reports. The hackers, who called themselves Team Elite, rigged the site to download viruses onto the machines of anyone using the British intelligence services Web site.

Twitter, Linux, Red Hat, Microsoft "honored" with Pwnie Awards
Think of the annual Pwnie Awards delivered at the Black Hat conference as a geek version of the Oscars – if they were combined with the tongue-in-cheek Razzies that celebrate the worst of Hollywood. Twitter, Linux and Red Hat were among honorees that didn't go unscathed this time around.

iPhone virus: What you need to know
The iPhone's security flaws were laid bare at the Black Hat Conference in Las Vegas yesterday, and now the smartphone-clutching public has boiled itself into a frenzy. But how serious is this supposed iPhone virus, and what can be done to protect your iPhone from infection? Here is what we know, and why you probably shouldn't worry.

Conficker talk sanitized at Black Hat to protect investigation
A talk at Black Hat had to be scaled back because it contained information about Conficker that might tip investigators' hand and send the perpetrators further underground, says F-Secure's chief research officer.

Microsoft details how to upgrade between Windows 7 SKUs
Microsoft on Friday let users who want to upgrade from one version of Windows 7 to another know how they can do so.

Adobe patches 12 Flash bugs, 3 caused by Microsoft
Adobe on Thursday patched a dozen vulnerabilities in Flash Player, including three it inherited from faulty Microsoft development code and one that hackers have been exploiting for at least a week.

Mobile phone shipments drop 11% in Q2, IDC says
The worldwide mobile phone market remained weak in the second quarter despite some encouraging signs in smartphone shipments, market researcher IDC said Thursday.

Microsoft puts positive spin on sales drop
Microsoft executives put a rosy glow on the company's prospects and performance at the company's annual financial analysts meeting, despite a recent quarterly report that fell short of revenue expectations by $1 billion.




Security Management Weekly - July 31, 2009


July 31, 2009
 
 
Corporate Security

  1. "Murder Bares Worker Anger Over China Industrial Reform"
  2. "Tech Gadgets Help Corporate Spying Surge in Tough Times"
  3. "Aite Report Says There Is No Easy Cure for Threats to Card Security"
  4. "Pirate Bay Unfazed by New Threats": Co-Founder of File Sharing Site Says He Is Not Concerned About Lawsuit Filed by Production Companies
  5. "'Smart Grid' Raises Security Concerns"

Homeland Security

  1. "7 Arrested in North Carolina on Terrorism Charges"
  2. "US Drones to Target Taliban in Afghan War: Report"
  3. "Obama Participates in Terror Preparedness Test"
  4. "Indonesia Hotel Bombings: Manchester United Football Team 'Was Target'"
  5. "Nigeria Confirms Death of Islamic Sect's Leader"

Cyber Security

  1. "UK Pentagon Hacker Loses Appeal, Will be Sent to U.S."
  2. "Experts Find iPhone Text-Message Security Flaw"
  3. "File Sharing Leaks Sensitive Federal Data, Lawmakers Are Told"
  4. "Use of Tracking Cookies on Government Sites Sparks Privacy Concern"
  5. "Researchers Try to Stalk Botnets Used by Hackers"

   

 
 
 

 


Murder Bares Worker Anger Over China Industrial Reform
Wall Street Journal (07/31/09) Canaves, Sky; Areddy, James T.

Chen Guojun, an executive for the Jianlong Group, was murdered by a group of workers protesting the takeover of government-owned Tonghua Iron and Steel by Chen's company. The workers, worried about losing their jobs in the course of the takeover, staged a protest at a factory. During the protest, some workers found Chen and beat him severely. They then blocked streets and hurled bricks, preventing paramedics from reaching Chen. By the time local government officials announced that the takeover of the company had been abandoned and protesters relented, Chen was dead. As police search for Chen's killers, the event has sparked a debate in China over how workers of companies should be treated if ownership changes hands. Some have argued that there needs to be more focus on the benefits to the workers in such an ownership shift. These considerations are particularly important as China continues to attempt to consolidate its steel industry, the largest in the world. The industry in China is fragmented among as many as 800 producers. Shanghai Baosteel Group, long China's biggest producer, accounted for less than 5% of the roughly 500 million metric tons of steel China produced in 2009. By contrast, South Korea's Pohang Iron & Steel Co., or Posco, accounted for just over 60% of that country's steel production during the same time period.




Tech Gadgets Help Corporate Spying Surge in Tough Times
USA Today (07/29/09) Acohido, Byron

Corporate espionage has become increasingly prevalent as companies have taken to storing massive amounts of data, and many are not careful about who has access to that data. As the economy has fallen, layoffs have also increased the opportunity for insiders to leave the company with sensitive information. Employees worried about job security face rising temptations to seek out and hoard proprietary data that could help boost their job performance, or at least make them more marketable should they get laid off, says Adam Bosnian, vice president at Cyber-Ark Software, another identity management systems supplier. Of the 400 information technology pros who participated in a recent Cyber-Ark survey, 74% said they knew how to circumvent security to access sensitive data, and 35% admitted doing so without permission. Among the most commonly targeted items: customer databases, e-mail controls and CEO passwords. Mobile devices and social networking sites have also made the covert transfer of this data much easier. For companies that are not careful about handling passwords, the risk is even greater. Security experts warn that companies should ensure they educate employees about how to be cautious about password protection. Unfortunately, even these precautions cannot protect against more advanced forms of spy equipment that can be easily placed by janitors or other support staff. For example, one such device looks like an ordinary USB cable, but also picks up audio information that can be transmitted to a receiver up to 160 feet away.


Aite Report Says There Is No Easy Cure for Threats to Card Security
Credit Union Times (07/29/09) Rapport, Marc

It could cost $100 billion to fix card security in the United States, according to a new Aite Group report, "Card Data Security: In Search of a Technology Solution." Aite surveyed 29 individuals, most of whom are responsible for risk management at issuing banks or payment processors, and respondents cited a migration from magnetic-stripe cards to smartcards as the most viable cure for card security threats. However, Aite says that a decision to standardize smartcard usage is five to seven years off, and analyst Nick Holland cautions that "the deeply entrenched magnetic-stripe infrastructure in the United States, and the cost and effort involved in transitioning stakeholders to chip and PIN infrastructure" may make such a development unlikely. Furthermore, a move to a smartcard architecture would only address the threat of counterfeit card fraud, leaving the threats of card-not-present fraud and malware unresolved. Holland says that technological advances will enable the most positive changes to the data security environment, while the biggest risks to card security are social engineering attacks and external physical assaults. Sixty-two percent of poll respondents identified merchants as the group most vulnerable to security breaches, followed by acquirers. Although some security tactics may be very successful, Aite notes that their high cost could hinder implementation, and smartcard architecture is the priciest solution. Survey respondents said PCI security could be improved by including payment processors in the standards development process and card networks in the enforcement of PCI compliance, as well as performing more frequent PCI audits.


Pirate Bay Unfazed by New Threats
BBC News (07/29/09)

Peter Sunde, the co-founder of the popular file-sharing Web site Pirate Bay, says that he is not concerned about the lawsuit filed against him by 13 Hollywood production companies as part of their attempt to shut down the site. In April the site's founders were found guilty of breaking copyright law and were sentenced to a year in jail and ordered to pay $4.5 million in damages. However, the site remains operational. The lawsuit has been brought by Columbia Pictures, Disney Enterprises, Universal Studios and 10 other firms, many of which were due to receive damages from the April settlement. The Pirate Bay was set up in 2003 by anti-copyright organization Piratbyran, but for the last five years it has been run by individuals. Following the initial lawsuit, the site was purchased by Global Gaming Factory. Under the new management, copyrighted material continues to reside on users' computers rather than on Pirate Bay servers, but a "give and take" system has been instituted that pays users for sharing their resources.


'Smart Grid' Raises Security Concerns
Washington Post (07/28/09) P. A12; Krebs, Brian

The U.S. Energy Department is requiring electric utilities competing for $3.9 billion in new federal "smart grid" grants to show that they are taking measures to prevent cyberattacks as they move to link nearly all elements of the U.S. power grid to the public Internet. Security experts have expressed concern that many existing smart-grid efforts do not have sufficient built-in protections against computer hacking, including new "smart meters" that provide real-time feedback on power consumption patterns and levels by putting information about consumers' power use onto the Internet, grid-management software, and other equipment. The Edison Foundation's Institute for Electric Efficiency says more than 50 million smart meters could be installed over the next five years. However, these devices often are the weakest link in the smart-grid chain, due to their two-way communication that opens up the possibility that the grid could be attacked from the outside. Many of these systems require little authentication to carry out key functions, such as disconnecting customers from the power grid. The Energy Department says it can reject any smart-grid grant application that does not demonstrate that ensuring cybersecurity will be a top priority.




7 Arrested in North Carolina on Terrorism Charges
Los Angeles Times (07/28/09) Meyer, Josh

Seven men were arrested by federal authorities in North Carolina on Monday and charged with training to participate in an Islamic holy war against U.S. allies. According to a seven-count indictment filed in federal court on Monday, the men attempted to provide material support to terrorists and to kill, kidnap, maim and injure people in attacks overseas. The indictment noted that the plot began in March 2006, when one of the suspects, 39-year-old Daniel Patrick Boyd, traveled to Gaza and attempted to go further into the Palestinian territories with one of his two sons, both of whom are also believed to be part of the conspiracy. Authorities also believe that the elder Boyd trained in terrorist camps in Pakistan and Afghanistan. The indictment goes on to say that Boyd and his son Zakariya traveled to Israel in 2007 with two of the other suspects to wage holy war, though they returned to the U.S. without accomplishing their goal. Also charged in the indictment are Ziyad Yaghi and Hysen Sherifi, who allegedly traveled to Jordan and Kosovo, respectively, in order to participate in a jihad. The indictment also says Sherifi, a permanent U.S. resident, returned to North Carolina from Kosovo to raise support for Islamic militants. None of the men ever committed any violent acts, and none were planning attacks on U.S. soil, authorities say. Nevertheless, the seven men could face life in prison if they are convicted on the charges.


US Drones to Target Taliban in Afghan War: Report
AFP Business News (07/31/09)

The U.S. military plans to use more unmanned drones to attack Taliban militants, shifting its focus away from tracking al-Qaeda leaders. Eight drones that have been devoted to tracking al-Qaeda in remote Afghan mountains will reportedly be transferred to the fight against Taliban insurgents. The U.S. Central Command also plans to send about 12 more drones to the Afghan front, including some aircraft that have been assigned to Iraq -- a move resisted by U.S. commanders there. Although President Obama has declared defeating al-Qaeda is the top priority of the Afghan war, officials believe they must first establish stability in Afghanistan in order to provide the terrorist organization with fewer opportunities to exploit political and economic unrest there. The drones are considered invaluable resources by the army as they can monitor targets for hours. There has been some debate as to how best to use the drones, but the new commander of U.S. and NATO forces in Afghanistan, General Stanley McChrystal, has ordered an elaborate review of how the mission uses surveillance aircraft. McChrystal reportedly supports using the drones in a more concentrated way instead of spreading the aircraft across the country. By doing so, he hopes to allow each regional command to have use of the drones for a designated period each day.


Obama Participates in Terror Preparedness Test
CBS News (07/30/09) Knoller, Mark

President Obama and other high-level government officials--including members of the National Security and Homeland Security Councils--on Thursday took part in "National Level Exercise 2009," a week-long program that is designed to test strategies for preventing a terrorist attack on the United States. During Thursday's session, Obama and other officials had to respond to a fictitious terrorist attack overseas and prevent terrorists from entering the U.S. and carrying out additional attacks. State and local authorities, as well as officials from the U.K., Canada, Australia, and Mexico, also took part in the exercise. According to the Federal Emergency Management Agency, the terrorism prevention efforts used in Thursday's exercise will be allowed to proceed to a logical conclusion, regardless of whether they are successful or not. The government will then be evaluated on intelligence sharing, counter-terrorism, border security, public notification, and international coordination.


Indonesia Hotel Bombings: Manchester United Football Team 'Was Target'
Telegraph.co.uk (07/30/09) Malkin, Bonnie

Indonesian police are investigating an Internet message about the bombings of the Marriott and Ritz-Carlton hotels in Jakarta on July 17. The message, which was purportedly written by Mohammed Noordin Top, one of the prime suspects in the bombing, says that the British soccer team Manchester United was the target of the attacks. According to the message, the attack was intended to be a warning to Indonesians "against the arrival of the soccer club Manchester United," whose players are referred to as "enemies of Allah" because they are Christians. Manchester United had been scheduled to stay at the Ritz-Carlton hotel. The authenticity of the message has not been independently verified, though a terrorism expert says it may be authentic because the language used resembles the language used in previous claims by Muslim extremist groups.


Nigeria Confirms Death of Islamic Sect's Leader
New York Times (07/30/09) Nossiter, Adam

Nigerian security forces on Thursday confirmed the death of Mohammed Yusuf, the leader of the fundamentalist Islamic sect that has been blamed for attacking police stations and for preparing to launch a religious war in the African nation. A spokesman for Nigeria's military refused to say exactly how Yusuf was killed, though there were reports that the Boko Haram leader had been killed after he was captured. News of Yusuf's death came one day after the Nigerian military launched an assault that destroyed Boko Haram's compound in the city of Maiduguri. Yusuf's death also ended a five-day campaign against Boko Haram that left hundreds of people dead and drove thousands of others from their homes. The Nigerian military has said that members of Boko Haram have largely withdrawn to the outskirts of Maiduguri, though pockets of fundamentalists remain in the city. The Nigerian military's effort to drive members of Boko Haram from Maiduguri has been criticized by human rights activists, who said it was too excessive. However, the Nigerian military says the operation was not heavy handed, and that the loss of life was kept to a minimum.




UK Pentagon Hacker Loses Appeal, Will be Sent to U.S.
CNN International (07/31/09)

Britain's High Court ruled Friday that Gary McKinnon, who is accused of carrying out a major hack of U.S. government and military computers, will be tried in the U.S. rather than the U.K. The court's decision came after it turned down McKinnon's request to review a decision by the director of public prosecutions not to pursue legal action in the U.K. The ruling clears the way for McKinnon to be extradited to the U.S., where he faces seven charges of computer fraud and related activity for breaking into 97 computers at the Pentagon, NASA, and the Earle Naval Weapons Station in New Jersey, among others, from his home computer beginning in March 2001. McKinnon has acknowledged accessing the computer systems without authorization, but said he did so in an effort to find out whether the U.S. government was covering up the existence of UFOs. But Alison Saunders of the Crown Prosecution Service said that the hack was "a deliberate effort to breach U.S. defense systems at a critical time which caused well-documented damage." However, prosecutors do not believe that McKinnon was connected to any terrorist organization. If McKinnon is convicted on the charges against him, he would face a maximum of 10 years in prison on each count and a fine of $250,000.


Experts Find iPhone Text-Message Security Flaw
San Francisco Chronicle (07/31/09) P. C1; Kim, Ryan

There is a vulnerability in Apple's iPhone that hackers could take advantage of to take control of the device, cybersecurity researchers Charlie Miller and Collin Mulliner said Thursday at the Black Hat cybersecurity conference in Las Vegas. According to Miller and Mulliner, the vulnerability is a lack of safeguards to prevent code in text messages from embedding an executable file into the iPhone's memory. The two researchers noted that attackers can take advantage of this lack of safeguards by sending out a series of mostly invisible SMS bursts. The attackers can then take control over the device's phone, text messaging, Web browsing, microphone, and camera features. Windows Mobile devices also contain a similar vulnerability. Although Miller and Mulliner told Apple about the vulnerability a month ago, the company still has not released a patch. However, it is very unlikely that iPhone users will be attacked, since the attack uses no fewer than 512 text messages, according to MyMobiSafe founder Eric Everson. In addition, the attack will not be effective if any of the messages are deleted before the attack is finished, Everson said.


File Sharing Leaks Sensitive Federal Data, Lawmakers Are Told
Washington Post (07/30/09) P. A6; Krebs, Brian; Nakashima, Ellen

Rep. Edolphus Towns (D-N.Y.), the chairman of the House Oversight and Government Reform Committee, said Wednesday that he plans to introduce legislation that would ban peer-to-peer file sharing software from all government computers and networks, as well as the computers and networks used by government contractors. Towns announced his plans after his panel heard testimony from Tiversa CEO Robert Boback, who said that his company was able to find sensitive government and personal information while recently searching through music- and file-sharing networks on the Internet. Boback noted that these searches yielded FBI surveillance photos of an alleged Mafia hit man, as well as motorcade routes and safe-house locations for Laura Bush, who was first lady at the time the searches were performed. In addition, Tiversa discovered a list that contained the names and Social Security numbers of people infected with HIV, as well as medical records with full psychological assessments of patients with mental illnesses. Patient Privacy Rights founder Deborah Peel said that these records contained enough information for someone to commit identity theft. Also testifying at the hearing was Mark Gorton, chairman of Lime Group, which makes the peer-to-peer software LimeWire. Gorton said the government would likely find it difficult to regulate peer-to-peer software, since there are hundreds of companies that make such applications, most of which are not based in the United States.


Use of Tracking Cookies on Government Sites Sparks Privacy Concern
Computerworld (07/28/09) Vijayan, Jaikumar

The U.S. Office of Management and Budget (OMB) has proposed changing the way tracking cookies are used on federal Web sites. Under OMB's plan, federal agencies could use single-session and multi-session cookies, including persistent cookies, so long as they comply with the security and privacy standards dealing with the collection and use of tracking information. Agencies and the public will have until Aug. 10 to comment on the proposal, which officials say will make government Web sites more user-friendly and will enable the federal government to provide better customer service and perform better Web analytics. Some privacy advocates say that any attempt to weaken an existing policy that forbids government sites from tracking visitor activity without the approval of the agency head is a mistake. They also say that users should have a reasonable expectation of privacy when visiting a government site. Others have said the government needs to spell out what it will do with the data it collects from the cookies, as well as why the information is useful.


Researchers Try to Stalk Botnets Used by Hackers
New York Times (07/27/09) Markoff, John

To track the spread of botnets, Sandia National Laboratories computer security specialists Rob Minnich and Don Rudish have converted a Dell Thunderbird supercomputer to simulate a mini-Internet of one million computers. The researchers hope to be able to infect their test network with a botnet in October and watch and collect data on how it spreads. One of the project's key challenges will be tricking the botnet into thinking it is operating on the real Internet. The Sandia computer, called MegaTux, is an example of a new kind of computational science in which computers are used to simulate scientific instruments. "One of the advantages of such a system is that we can stop the simulation at any point and look for patterns," Rudish says. The researchers say no one has previously tried to program a computer to simulate more than tens of thousands of operating systems. In addition to simulating the Internet, Sandia's Keith Vanderveen says the research will be valuable for exploring the design of future supercomputers that could have millions, instead of thousands, of processors, and could be invaluable for researchers looking to design new, more secure protocols for the Internet. "We will have a test bed where we will be able to try things out at Internet scale," Vanderveen says.


Abstracts Copyright © 2009 Information, Inc. Bethesda, MD

