Exposing Weaknesses in ISP Security

While it is more difficult to attack an ISP's infrastructure than its customers' infrastructure, attackers may exploit weaknesses if the ISP is not diligent about the security of their infrastructure.

Table 2-1 depicts assumptions that people may have about their ISP and its security posture , compared to the reality we've seen over the years .

Table 2-1: ISP Security Assumptions vs. Reality

Assumption

Reality

ISPs don't allow port scanning/hacking across their network.

Customers are continually port scanned and probed, and the ISP seldom notifies the customer.

ISPs will notify me if they see that I'm under attack.

Many ISPs aren't watching and do not have the capability to do so.

ISPs provide fully secure, managed firewalls and dedicated Internet access.

Firewalls/routers may not be monitored , and ISPs may not have proper access controls to protect the devices or the customers' networks.

My ISP only accepts my IP prefix from my AS through BGP.

This is not always true. If ISPs are not diligent in building proper routing policy, your prefix could be hijacked.

During an attack, I simply call my provider for help.

Reaching a security engineer is often difficult. Tracking an attack may involve multiple ISPs, who may not have an effective line of emergency communication.



Extreme Exploits. Advanced Defenses Against Hardcore Hacks
Extreme Exploits: Advanced Defenses Against Hardcore Hacks (Hacking Exposed)
ISBN: 0072259558
EAN: 2147483647
Year: 2005
Pages: 120

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net