www.syngress.com/solutions

different parts of the problem, and in general, not enough information is
shared on the subject. One very real problem is that organizations do not
want to talk about security problems for reasons of fear of liability or
simple embarrassment about looking stupid. We need more open commu-
nication and better ways for those who know what is happening to
inform those who need to know what is happening.
Q: 
Doesn’t P2P mean the game is over?
A: 
Hardly. One need only pay attention to the ever-unfolding saga of P2P
protocol development. On the one hand, we have youngsters trying to
“share” media, and on the other, we have Hollywood trying to stop them
from disseminating unlicensed IP of various forms. As a result, we may
end up with P2P encrypted with AES and using port 80 to hide among
the Web traffic ( just like botnets).The problem is that you still have to
have some way for the set of P2P hosts to rendezvous, and the rendezvous
may always include an unwanted third party (read 
informer
).This phe-
nomenon is similar to the darknet/honeynet phenomenon. If you attack
strangers, it may turn out that some strangers will invite you in, feed you,
and note everything you do. From another point of view entirely, those
who send spam and engage in DDoS attacks commit unnatural acts on
the Internet. Various tools like netflow and ourmon can spot those attacks.
Once we know a local box is infected, we can see who is talking to it,
even if we can’t decode the traffic. Honeypots and the like mean that at
some point the malware loses its encrypted communication channel.This
offers the white-hats the ability to tap into the software and figure out
what is going on.The game is not over.

Download 6,98 Mb.

Do'stlaringiz bilan baham: