Stolen credit card numbers, hacked federal computer systems and other high-profile online assaults have put many users on their guards and focused the attention of security managers on high-level intrusion-detection systems, chains of firewalls and other high-level defenses. But many forget . . .
Stolen credit card numbers, hacked federal computer systems and other high-profile online assaults have put many users on their guards and focused the attention of security managers on high-level intrusion-detection systems, chains of firewalls and other high-level defenses. But many forget that, no matter how hard they try to secure a site, vulnerabilities built into the fabric of the Internet still leave them at risk - even though measures to shut down the most glaringly common vulnerabilities are easily available.

Simple functions like the ability to request a connection between two machines can create openings that are to blame in about 15% of the attacks that are reported each year, says Fred Baker, chairman of the Internet Engineering Task Force. That's because TCP/IP hasn't changed much since the days of its acceptance as the Arpanet transport protocol.

The link for this article located at ComputerWorld is no longer available.