ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Security threats Toolkit

Attackers seek weaknesses inside the firewall - Symantec

Andrew Colley ZDNet Australia

Published: 14 Oct 2003 10:50 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Corporations should be as concerned about personal computers inside the network perimeter as those riding its boundary, warns Symantec's security team.

Vincent Weafer, senior director of Symantec Security Response, said cyber-attackers are shifting their efforts from outside the intranet boundary to inside.

The attackers are taking an increasing interest in intranet-facing private network services in common desktop personal computers.

According to Weafer, the farms of desktops inside the network perimeter provide a rich picking ground for attackers. They are often less secure than systems that face the Internet directly, making them attractive recruits for orchestrated actions such as denial-of-service attacks, said Weafer.

And email-borne worms and Trojans aren't the primary drivers behind the new trend. It is directly related to the growing family of Distributed Component Object Model (DCOM) vulnerabilities discovered in Microsoft's Remote Procedure Call (RPC) implementation, according to Symantec. The new varieties of attacks burrow directly through the network perimeter.

"It's not getting more difficult for the attackers," said Weafer.

Symantec estimates that new vulnerabilities -- primarily in the Windows platform -- are now being uncovered at a rate of around 70 per week and he gave clear indications that software companies are still unable to keep up.

Illustrating his concerns, Weafer claims that a Windows 2000 operating system with all current Microsoft security patches applied will still be vulnerable to malicious infiltrators.

Late last week, the company's Deep Sight global sensors recently registered an increase in attacks on TCP port 445, which is associated with Windows network file and print services, prompting the company to upgrade its threat warnings.

Symantec estimates the cyber-attack activity in the first six months of 2003 was 19 percent higher than during the corresponding period for 2002.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
65 out of 153 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:




Related Jobs

Security Consultant, Symantec Endpoint Protection, RSA, PGP, Hamps

Security Consultant, Pre/post sales, Symantec, Encryption, Hampshire

Technical Consultant - Symantec / Veritas Netbackup / Enterprise Vault

Sentry Posts Blog

Toshiba touts Quantum Key Distribution

Toshiba research scientists have developed a method of distributing quantum keys more efficiently, the company has claimed in a statement: "[Quantum Key Distribution -- ] QKD --... More

Post a comment

Virtual Teams: Small Business Innovati...

Virtual Teams: Small Business Innovation Author: Eric Everson, Founder – MyMobiSafe.com As the founder of MyMobiSafe.com, I’ve found that because of our presence in the industry... More

Post a comment

Mobile Security and Innovation: An Ope...

Mobile Security and Innovation: An Open Case Author: Eric Everson, Founder MyMobiSafe.com The times are changing in the mobile industry as “big wireless” in the US Markets are calling... More

Post a comment

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers