[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Pakistan] Government taking long-term measures to mitigate DoS attacks on websites: minister
[from Comp-list mailing list]
Government taking long-term measures to mitigate DoS attacks on
websites: minister
Dawn, By Our Staff Reporter
5/14/2003
http://www.dawn.com/2003/05/14/nat23.htm
ISLAMABAD, May 13: Minister for Information Technology Awais Leghari
has said 97 per cent reliability of internet services will be
achieved by June 15 as a result of various short-term measures taken
to discourage denial of service (DoS) attacks.
The minister told newsmen here on Tuesday that the government was
also taking long-term measures to mitigate the risks of DoS attacks
by implementing security policy at national level which included
technical auditing of the Pakistan Telecommunication Company Limited
(PTCL) and the National Telecommunication Corporation (NTC) internet
backbone networks.
The auditing would suggest necessary measures to improve the quality
of service and enhance its security and reliability which would be
implemented in letter and spirit, he said, adding that after this the
reliability of services would reach to 99.9 per cent.
A committee had been formed to prepare a comprehensive policy and
implementation plan to secure the websites of the government within
Pakistan and abroad. The committee has presented its recommendations
which suggested that the government portals and websites should be
shifted from Comsats to the NTC for domestic users while the same
should also be hosted abroad preferably at two data centres for
access by international users.
This will start working from April 2004, the minister said, adding
that the core routers with DoS attack filters would be implemented
while reverse proxy server to protect direct access of hosting zone
and deflect intrusions into servers would be in place and firewall
would also be implemented for traffic policing.
The cost of hosting portals abroad for the first year is Rs29.5
million while that for each subsequent year would be Rs13 million to
be borne by concerned ministry/division.
In a presentation on DoS attack, it was stated that government
portals and websites were attacked 63 times, the duration of which
was 37 hours and 13 minutes. These attacks were at peak (34 times) in
April.
The normal reliability of PIE (Pakistan internet exchange) stands at
99.6 per cent but it was degraded to 93 per cent (about 50 hours in a
month) during the DoS attacks.
About the measures taken by the PTCL against DoS attacks, it was said
that appropriate access lists have been applied at the ingress to
filter out known malicious traffic before it enters, PIE upstream
providers were also asked to block traffic destined for the victim
internet provider, besides second STM-1 (synchronous transfer mode)
was added and terminated on a different router.
Singtel is also blocking target IPs on their routers. After the
expiry of contract of old STM-1 in July 2003, provision of STM-1 from
a different service provider from the western segment of SMW-3 is
being arranged. A reference for proposals is being floated with the
condition of providing mitigation of DoS attacks by the upstream
provider.
New facility to monitor bandwidth utilization through a multi-router
traffic grapher access is being provided to all PIE customers. After
these measures, efficient, reliable and secure services from PIE,
reliability of ISP services will improve which will increase the
sector revenue and jobs.
The PTCL would also acquire top-of-the-line routers with capability
to route 50 million packets per second and would distribute and
mitigate the DOS attacks without increasing the load on the routers'
processor. These routers would be deployed by the end of this month.
Meanwhile, a new 155 Mbits per second (STM1) bandwidth has been added
to the PTCL network.
