Firms leave firewall gaps
Companies should check their firewall configurations to ensure they do not fall victim to distributed denial of service (DDoS) attacks, or unwittingly participate in them, according to David Morgan of Internet security firm ISS.
Morgan said a fifth of systems audited by ISS have misconfigured firewalls that put their owners at risk. The news follows a recent DDoS attack against 13 of the Internet's root name servers. Properly configured firewalls would have prevented the attack.
Organisations should set up firewalls to prevent all ping packets from entering their networks, Morgan advised. Ping packets request status information about remote computers.
[ Read more ]