Major Internet service providers cooperating with NSA on monitoring traffic

[grandpaflo]

Major Internet service providers cooperating with NSA on monitoring traffic

http://www.washingtonpost.com/natio...toring-traffic/2011/06/07/AG2dukXH_story.html

"Three of the nation’s largest Internet service providers are cooperating with a new National Security Agency program to sift through the traffic of major defense contractors with the goal of blocking cyberattacks by foreign adversaries, senior defense and industry officials say.

The novel program, which began last month on a voluntary, trial basis, relies on sophisticated NSA data sets to identify malicious programs slipped into the vast stream of Internet data flowing to the nation’s largest defense firms. Such attacks, including one last month against Bethesda-based Lockheed Martin, are nearly constant as rival nations and terrorist groups seek access to U.S. military secrets."

 

[spidey07]

Sounds like a great idea. The problem is doing that kind of intrusion detection system at the speed of the pipes is...welll...difficult to say the least. Not enough processor power, needs to be done in hardware.

If the defense contractors or other agencies aren't already doing it on their Internet edge then that's fail on them.

 

[davmat787]

Maybe I am missing something, but what is the privacy issue or concern here? The program is voluntary. From the article, they are using signature files of malicious code to identify attacks on the defense industry. Sounds kind of like how an antivirus program works on your home pc, but for traffic coming to/from internet facing defense industry servers.

 

[spidey07]

Maybe I am missing something, but what is the privacy issue or concern here? The program is voluntary. From the article, they are using signature files of malicious code to identify attacks on the defense industry. Sounds kind of like how an antivirus program works on your home pc, but for traffic coming to/from internet facing defense industry servers.

If they were smart, they'd move the IDS/IPS further up and into the provider rather than their internet edge. Essentially recognizing and shuning any malicious activity before it even gets to their networks. It's how you stop DDoS and others.

It almost sounds like they may be looking for actual malicious code instead of the activity of the code/attack which would be interesting. If so that needs deep packet inspection (looking into layer7) and requires tremendous hardware to do at any multigigabit rate. 10-40 gig? Forgetabout it.

OP - add some commentary about the article otherwise you're gonna get locked for just posting an article without thoughts.

 

[davmat787]

If they were smart, they'd move the IDS/IPS further up and into the provider rather than their internet edge. Essentially recognizing and shuning any malicious activity before it even gets to their networks. It's how you stop DDoS and others.

It almost sounds like they may be looking for actual malicious code instead of the activity of the code/attack which would be interesting. If so that needs deep packet inspection (looking into layer7) and requires tremendous hardware to do at any multigigabit rate. 10-40 gig? Forgetabout it.

OP - add some commentary about the article otherwise you're gonna get locked for just posting an article without thoughts.

Considering one of the tags is 'privacy', I am guessing the OP takes issue with ISP's working with the NSA. Could be OP thinks this is just a cover for monitoring private citizens intertube packets, I dunno.

Anyhoo, I don't see a problem with this program as is, it is voluntary after all and I am sure the NSA can read ones email if they really wanted to.

Besides, Windows has a backdoor built in for the .gov, everyone knows this. :awe: