X

Antivirus firms team to thwart DoS attacks

Network Associates inks separate deals with three start-ups to protect customers against denial-of-service attacks.

Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
See full bio
Robert Lemos
2 min read
Security software company Network Associates announced Monday that it has teamed up with three network security start-ups to share information about denial-of-service attacks.

McAfee, the antivirus division of Network Associates, signed on Arbor Networks, Asta Networks and Mazu Networks in a loose alliance to share data and research about attacks. The three companies were formed in the last 18 months in response to the growing threat of denial-of-service attacks.

"Each of them offers a unique aspect in what we are trying to do," said Tony Thompson, a spokesman for Network Associates. "They each come to the table delivering a certain set of knowledge."

The company's McAfee division plans to release new antivirus products that can protect servers and home computers alike from programs that surreptitiously take control of computers.

In July, one such program--the Code Red worm--took control of more than 400,000 Web servers using Microsoft's Web server software. The virulent spread of that automated program slowed some companies' networks. Known as a denial-of-service attack, the flooding of networks with a deluge of data has become increasingly common.

But Network Associates' main rival, Symantec, asserted that current antivirus products and firewalls already have the ability to detect malicious programs such as Code Red.

"There is nothing really secretive about the research or anything special about the technologies being used here," said Rob Clyde, chief technology officer for Cupertino, Calif.-based Symantec. "There is some potential for (the research) to be valuable down the line, but the technology can also cause problems, because it has a high rate of false alarms."

For the time being, the relationship between Network Associates and the three start-ups will be focused on research and information sharing.

"We can provide huge insight into network analysis; Network Associates brings to the table a lot of forensics data," said Stefan Savage, co-founder and chief scientist for Asta Networks. "Being able to put these together and learn about what's going on early on helps us."

While all three companies are focused on detecting denial-of-service attacks as they happen and then shutting down the attack, having access to data on the programs that cause the attack is important, said Walter McCormack, vice president of business development for Cambridge, Mass.-based Mazu Networks.

"We can detect a real-time attack, but it's also nice to know about the attack beforehand," McCormack said. "We can get a heads-up from them if there is a huge spike" in server infections.