crime on the internet: a network service provider’s view
DESCRIPTION
Crime on the Internet: A Network Service Provider’s View. Presentation to InfraGard, Phoenix Chapter, April 19, 2004. Crime on the Internet. AGENDA. Introduction How Did We Get Into This Position? What Are the Actual Threats, and Who Is Doing This? What Are We Currently Doing? - PowerPoint PPT PresentationTRANSCRIPT
Crime on the Internet: A Network Service Provider’s View
Presentation to InfraGard, Phoenix Chapter, April 19, 2004.
2
Crime on the Internet
1. Introduction
2. How Did We Get Into This Position?
3. What Are the Actual Threats, and Who Is Doing This?
4. What Are We Currently Doing?
5. What Else Can Be Done?
AGENDA
3
Ajigaura
Hong Kong
Shima
Singapore
Legend
Kuantan
Tokyo
OsakaNagoya
Tseung Kwan O
Global Crossing Asia/Pacific – Dedicated Internet Access/IP Transit
Landing PointsCities Connected Connecting SystemsIP POP
4
Global Crossing Europe – Dedicated Internet Access/IP Transit
LegendLanding PointsCities Connected Connecting SystemsIP POP
Marseilles
TurinMilan
Zurich
Munich
Nuremberg
Dresden
Berlin
Sylt
Stuttgart
Lyon
Paris
Whitesands
HannoverDusseldorfCologne
Leipzig
Barcelona
Geneva
Oslo
Stockholm
Madrid
BristolRotterdam
Brussels
Bude
Beverwijk
London
Strasbourg
Amsterdam
FrankfurtAntwerp
Copenhagen
Hamburg
Aberdeen
EdinburghGlasgow
LiverpoolDublin
WexfordKilmore Quay
5
EdinburghGlasgow
Carlisle
Preston
Sheffield
Newcastle
Amsterdam
LiverpoolLeeds
Bristol
WhitesandsPlymouth
SouthamptonBrighton
Dover
York
Southend
Nottingham
Middlesbrough
ManchesterPeterborough
Birmingham
Reading London
Exeter
Norwich
Derby
Dublin
Beverwijk
Brussels
AntwerpRotterdam
Bude
Basingstoke
LegendLanding PointsCities ConnectedConnecting SystemsIP POP
Aberdeen
WexfordKilmore Quay
Global Crossing UK – Dedicated Internet Access/IP Transit
6
Global Crossing North America – Dedicated Internet Access/IP Transit
Detroit
Denver
San Antonio
Dallas
Topeka St. Louis
Tampa
Miami
Boston
Seattle
Los Angeles
El Paso
Houston
Atlanta
Portland
Des Moines
Minneapolis
Indianapolis
Salt Lake City
Kansas City
Chicago
Milwaukee
New York
Montreal
PhoenixTucson
Toronto
Albuquerque
Austin
ClevelandPittsburgh
Green Bay
Reno
ColoradoSprings
Oakland
SpokaneHelena
Billings
CasperOmaha
New Orleans
Jacksonville
Daytona BeachOrlando
MelbourneFort Lauderdale
Lincoln
LouisvilleBowling Green
Nashville
Chattanooga
Baton Rouge
Baltimore
Mobile
Tallahassee
MaconFort Worth
Oklahoma City
Tulsa
Syracuse
Albany
Greenville
Greensboro
RaleighRocky Mount
RichmondFredericksburg
Buffalo
DaytonColumbus
Akron
Toledo
AnaheimSan Diego
Sunnyvale
Eugene
Medford
ReddingChico Trenton
Charlotte
Cincinnati Washington DCPhiladelphia
NewarkAltoona
Erie
Chesapeake
San FranciscoSacramento
San JoseSalinas
San Luis ObispoSanta Barbara
Monterrey
Mexico CityGuadalajara
Mazatlan
Tijuana
LegendLanding PointsCities Connected (Switch Sites)Cities ConnectedConnecting SystemsIP POP
Rochester
7
SantiagoBuenos Aires
Las Toninas
Lurin
Puerto ViejoFt. Amador
Fortaleza
Rio De Janeiro
St. Croix
Santos
Valparaiso
Lima
São Paulo
Landing PointsCities ConnectedConnecting SystemsIP POP
Legend
CaracasPanama City
Global Crossing South America – Dedicated Internet Access/IP Transit
8
Crime on the Internet
1. Nature of the Internet
2. Vulnerabilities in Network Software
3. A Large Number of Non-Power Users
4. People Out to Make a Quick Buck
How Did We Get Into This Position?
9
Crime on the Internet
1. Spam
2. Viruses and Worms
3. Denial of Service Attacks
4. Convergence of Threats
5. Cast of Characters
What Are the Actual Threats, and Who Is Doing This?
10
Crime on the Internet
1. Prevention: Contract/AUP, Screening, Blocking (cbl.abuseat.org), Filtering, uRPF.
2. Detection: Third party monitoring/aggregation, Netflow, Arbor.
3. Response: Termination, filtering, notification.
What Are We Currently Doing?
11
Crime on the Internet
1. Fix the software. Secure coding practices.
2. Actions by those with direct relationship with owners of compromised systems (ISPs and software manufacturers).
3. Actions by those with indirect relationships (NSPs, security researchers).
4. Actions by law enforcement.
What Else Can Be Done?
12
Crime on the Internet
Composite Blocking List: http://cbl.abuseat.orgROKSO: http://www.spamhaus.orgBot information: http://www.lurhq.com/research.html
Further Information