Last year’s IP security is not this year’s
By Alan Harten
August 12, 2008
The ISACA said this week, at its Vegas Black Hat briefing, that a security problem hackers are using to nudge people into visiting sites against their will is also affecting email services.
ISACA says that the problem, discovered by Dan Kaminsky, will permit these hackers to intercept e-mail messages.
They go on to say that this does not come as a surprise and that, although the problem suggests a classic man-in-the-middle attack, there are much deeper problems involving the central computers that route Internet users to the relevant IP-addressed systems.
The ISACA does however have confidence in the big vendors, ISPs and the IT industry, and considers that they are dealing with the flaws in the DNS routing.
Having said that, they also consider that new problems will surface in the (near) future.
They contend that the source of the problem is that the Internet would, on the surface, seem to be a logical and very simple animal.
But in reality there are numerous routing complexities, and the bigger the Internet gets, the more complex these will become.
He re-stated that companies need to ensure their Internet security systems are up to date and reviewed on a regular basis, and to keep in mind that last year’s IP security may not necessarily be totally effective today. IT managers need to be in a never-ending cycle of reviewing their security needs.
About ISACA
With more than 86,000 constituents in more than 160 countries, ISACA is a recognized worldwide leader in IT governance, control, security and assurance.
Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal, and develops international information systems auditing and control standards.
It also administers the globally respected Certified Information Systems Auditor (CISA) designation, earned by more than 60,000 professionals since 1978; the Certified Information Security Manager (CISM) designation, earned by more than 9,000 professionals since 2002; and the new Certified in the Governance of Enterprise IT (CGEIT) designation.

