
How Microsoft Fights Off 100,000 Attacks A Month

El Lobo writes to mention a ComputerWorld article about Microsoft's battles with the Hackers of the world. The software giant fights off more than 100,000 attacks every month, protecting their data-heavy internal network from the paws of your average script kiddie. The article discusses Microsoft's 'defense in depth' strategy, and discusses just some of the layers in that barrier. From the article: "The first layer of protection for the Microsoft VPN is two-factor authentication. After an infamous incident in the fall of 2000, Microsoft installed a certificate-based Public Key Infrastructure and rolled out smart cards to all employees and contractors with remote access to the network and individuals with elevated access accounts such as domain administrators. Two-factor authentication requires that you have something physical, in this case the smart card, and also know something, in this case a password."
This discussion has been archived. No new comments can be posted.

  • by OverlordQ ( 264228 ) on Friday December 08, 2006 @01:09PM (#17163794) Journal
    Keeping your vital data physically disconnected from the outside Internet. I know it'll cut off people who work remotely, but if it's that important, it's worth it.
  • I'm surprised... (Score:4, Insightful)

    by pdbaby ( 609052 ) on Friday December 08, 2006 @01:17PM (#17163900)
    The article seems to say they only use Microsoft solutions to provide their security.
    I'm surprised they don't even have a little something from RSA. Is their solution that good (jokes aside!), or are they just suffering from major Not Invented Here syndrome?
  • by zappepcs ( 820751 ) on Friday December 08, 2006 @01:17PM (#17163902) Journal
    This is a story about how MS is doing security... however, 2 factor authentication has been in use for decades, even before computers became the common day things they are today. In the military, I've seen where it takes 3 people and two keys just to open a door to a secured space. The tech is new, and hopefully now that MS is telling people that is how they do things, perhaps banks and other people with my personal information stored up will start doing the same??? sigh
  • by GeckoX ( 259575 ) on Friday December 08, 2006 @01:22PM (#17163968)
    Where did it mention that MS is doing anything groundbreaking or revolutionary here?

    This is simply an article about how MS, arguably the most targeted entity out there, secures their business.

    Further, it appears to work very well for them, without sacrificing their employees' ability to work.

    Really, what are you trying to say here? Should it require 3 people and 2 keys to log into your office over VPN every day to get some work done? Somehow I think not, but that still leaves me wondering what is your point?
  • by coleopterana ( 932651 ) on Friday December 08, 2006 @01:25PM (#17164010) Journal
    I've noticed that the best way to find problems with your own product is to have your employees (forced to) use it on a daily basis. I'm no Microsoft fan nor a software engineer but it seems to me to be the quickest way to find holes that testing didn't uncover. Now that in itself presents an interesting question: does that make it harder to find SECURITY problems if you're testing your product behind all those corporate protections (assuming they work)? It's no real-world experience to do that.
  • by bugnuts ( 94678 ) on Friday December 08, 2006 @01:27PM (#17164030) Journal
    MS is big, and vital data are distributed in not-so-vital chunks throughout the organization and in different ways.

    Combined, it's all vital. But imho, saying "just cut the plug on the network" is not feasible and horribly short-sighted. MS has several web applications, update servers, search engines... what are you saying again? You propose they cut all that off, too? The damage is just as bad (if not worse) if their update servers get hacked instead of their personnel database.

    Network security covers a little more than just "vital data".
  • Balance? (Score:5, Insightful)

    by Rob T Firefly ( 844560 ) on Friday December 08, 2006 @01:28PM (#17164042) Homepage Journal
    The software giant fights off more than 100,000 attacks every month
    I wonder how the number of attacks on other sites enabled by botnets of compromised Windows machines compares to this. Are they taking more or less than their software dishes out to the rest of the world?
  • by db32 ( 862117 ) on Friday December 08, 2006 @01:45PM (#17164270) Journal
    Do you honestly believe they would admit to using anything other than MS? Do you remember the noise that was made about their website being protected by a company using linux servers to protect it from denial of service stuff? Do you remember the noise that was made when that linux based company signed up with their silly streaming media shit and was able to stream windows media more efficiently from linux boxes than what equivalent Windows boxes could do? (The worst part about this was that it could only stream windows media content to windows computers, and linux clients couldn't do anything with the streaming media from the linux server).

    Give MS some credit...their Marketing/PR departments aren't stupid enough to talk about everyone else's products used to secure their network, but I have a hard time believing that their technical folks are stupid enough to restrict themselves to MS products. I mean I have heard people explain to me how MS Proxy is the best proxy ever, or how that other stupid MS firewall/proxy/server thing is the best for boundary protection...but I assume those people will never work in security at a decent sized company for long if at all. MS products have their uses as much as I dislike many of them...but if I ever had anyone working for me try to use an MS product for something like boundary protection I would slap them, repeatedly, in front of the whole IT department.
  • by wtansill ( 576643 ) on Friday December 08, 2006 @01:55PM (#17164410)
    perhaps banks and other people with my personal information stored up will start doing the same??? sigh
    You really do not want to go there. Let's say you have the following (reasonably typical) scenario:
    1. You have a checking account
    2. You have a 401(k) through your company
    3. You have a Visa credit card
    4. You have a MasterCard credit card
    Each institution where you maintain an account decides to require two-factor authentication.
    • Do the security keys interoperate, or do you have to now have four separate tokens?
    • Your spouse wishes to log in as well, can (s)he use the same tokens, or does (s)he have to have their own?
    • Spend a lot of time on the road? Want to check your account(s) from your hotel room? Take all your tokens. Which, BTW, means that the spouse cannot check while you are away unless each account issues one token per spouse or other authorized account user (which, BTW, adds cost for the institution).
    • You have an emergency of some sort and must have access to your account, but forgot/lost your token, the battery died, whatever. Is there a secondary mechanism that will allow you to access your account which does not rely on the use of the security token? If so, you've just doubled the institution's cost of doing business with no net benefit to the institution.
    Add to that the scary fact that two-factor authentication does nothing to prevent man-in-the-middle attacks -- someone can still get hold of your session and possibly access your supposedly secure accounts -- and the luster dims for the two-factor scheme.

    It works well in some limited instances, but I shudder to think of the possibilities if it's ever adopted on a wide scale.

  • 100,000 is very low, on a typical home machine if you're getting hundreds or thousands of attempts by bots, then surely the biggest software maker is getting millions. However, if they mean 100,000 attacks by individuals per month, meaning someone directly trying to "hack into microsoft", that seems impressively high. Wouldn't at least several of those get in through social engineering alone (i.e. pretend to be hot girl, get password, etc.)?
  • by MrP-(at work) ( 839979 ) on Friday December 08, 2006 @02:06PM (#17164572)
    I think it's very common.

    I know everyone here always does ping yahoo.com to test DNS/network connections.

    We also ping google.com sometimes too

    I feel bad for them
  • by Anonymous Coward on Friday December 08, 2006 @02:59PM (#17165340)
    Two-factor authentication, like most kids' cereals, is "part" of a complete breakfast. You can't depend on two factor auth alone, but when it is combined with other things like sufficiently complex passwords, good security hygiene, and strong encryption what you end up with is good security. Not perfect security. Companies are also beginning to realize that it is no longer about the perimeter. You have to protect the inside as well. Probably the single most important piece of security is not technological, but procedural. Segregation of duties.
  • by johneee ( 626549 ) on Friday December 08, 2006 @05:15PM (#17167044)
    I don't know about that, but I do have accounts in three different banks, and they do have two factor authentication - bank card and pin - for some of the access I have to them. Mostly it works pretty well...
  • by Firehed ( 942385 ) on Friday December 08, 2006 @07:31PM (#17168812) Homepage
    Now someone mod this post up to +5, Insightful and put the whole thing on a shirt, with the caption of "The Slashdot Moderation System at Work".
