Free Test For Web Site Security Offered

The Alliance for Internet Security, a consortium dedicated to protecting Internet investments, is making available a tool that will help determine if corporate networks are vulnerable to attacks. This could alert network administrators before their systems are used as part of a Distributed Denial of Service (DDoS) attack, such as occurred against Yahoo!, eBay, and other prominent Internet sites earlier this year. The tool, NetLitmus, is free to anyone joining the Alliance. Developed by ICSA.net, Reston, Va., the company spearheading the Alliance, NetLitmus searches Web sites to determine if appropriate filters (routers and firewalls) are in place and are properly configured to prevent a system from being part of a DDoS attack. By reconfiguring these filters, organizations can prevent their systems from being used as "slaves" to attack another's computers. Similarly, ISPs can configure customer-facing routers to resist passing on attacks. Early testing with the tool among Alliance members showed less than 15% had appropriate filtering, and less than half of the corporations' ISPs had functional filtering for faked addresses. Formed in February after the rash of DDoS attacks, the Alliance for Internet Security includes more than 650 ISPs, security vendors, corporations, and industry leaders who pledge to adopt security measures that address DDoS attacks.