HULK DoS Tool More Hype than Threat - PLXsert Shares Simple Defense Strategies to Neutralize Attackers

Hollywood, Florida USA (PRWEB) June 01, 2012

Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today released a threat advisory on the HTTP Unbearable Load King (HULK) denial of service (DoS) script. The script was developed by a network security researcher and shared publicly on his blog. Because of his role, the tool attracted widespread attention and generated panic throughout the digital security industry.

Though it was intended as an educational proof-of-concept, it exposed common weaknesses that could be exploited by malicious actors to bring down servers that have not been optimally configured for performance and DDoS resistance.

What makes HULK dangerous is the fact that a single malicious actor with a single computer could feasibly take down a small, unhardened web server in minutes. Weve tested the tool internally and it is functional, said Neal Quinn, chief operating officer at Prolexic.

Fortunately, this is not a very complex DoS tool, he added. We were quickly able to dissect its approach and stop it dead in its tracks. It is fairly simple to stop HULK attacks and neutralize this vulnerability with the proper configuration settings and rules.

HULK, released May 17, uses randomized header and parameter values to generate a threaded GET flood attack; the randomized requests make it more difficult to distinguish attack threads from legitimate traffic, particularly for automated mitigation solutions. HULK takes advantage of out-of-the-box web server configuration vulnerabilities and spawns 500 threads that collectively stream random GET requests at its website target upon launch, bypassing caching engines to exhaust server resources.

The Prolexic Security Engineering & Response Team (PLXsert) immediately instituted rules to defend against and mitigate HULK attacks and issued a detailed threat advisory to Prolexic customers last week. As a public service, full details of the HULK threat, including recommended mitigation techniques and SNORT rules, are available at http://www.prolexic.com/threatadvisories.

There is a lot at stake for businesses online – whether its a matter of money, reputation, regulatory compliance or business continuity. No one wants to be down for a second, let alone hours or days, Quinn noted. Consequently, any threat can cause panic. While many DDoS threats are very real and severe, in the case of HULK, panic is not necessary. PLXsert is happy to share our practical, effective mitigation method that can be implemented on any WAF or content switch, and transform the HULK back into Dr. Banner.

Prolexic Threat Advisories

Designed to provide early warnings of new or modified DDoS attack signatures and scripts, recently observed by PLXsert, each threat advisory contains a detailed description of the type of attack, a list of attack signatures, and the specific network infrastructure or application that it targets. In addition, Prolexics DDoS mitigation experts also offer insight into the nature of each type of attack, as well as provide specific warnings as to how the attack will affect businesses and enterprises of different sizes and infrastructures. PLXsert also provides threat remediation tips to help subscribers not only recognize the new attack signatures, but also proactively defend against them. The latest threat advisories, including HOIC and Dirt Jumper, are available to the public at http://www.prolexic.com/threatadvisories.

About the Prolexic Security Engineering & Response Team (PLXsert)

PLXsert monitors malicious cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment. Through data forensics and post attack analysis, PLXsert is able to build a global view of DDoS attacks, which is shared with customers. By identifying the sources and associated attributes of individual attacks, the PLXsert team helps organizations adopt best practices and make more informed, proactive decisions about DDoS threats.

Details of Prolexics mitigation activities and insights into the latest tactics, types, targets and origins of global DDoS attacks are provided in quarterly reports published by the company. A complimentary copy of Prolexic’s Q1 2012 Global DDoS Attack Report is available at http://www.prolexic.com/attackreports.

About Prolexic

Prolexic is the worlds largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission-critical Internet-facing infrastructures for global enterprises and government agencies within minutes. Ten of the worlds largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming and other at-risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the worlds first in-the-cloud DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. To learn more about how Prolexic can stop DDoS attacks and protect your business, please visit http://www.prolexic.com, follow us on LinkedIn, Facebook and Google+ or follow @Prolexic on Twitter.

###

Contact:

Michael E. Donner

HULK DoS Tool More Hype than Threat - PLXsert Shares Simple Defense Strategies to Neutralize Attackers

New Simple, Affordable File-Level Backup Solution from eMazzanti

Hoboken, NJ and New York, NY (PRWEB) June 14, 2011

Losing data can mean losing a businessor at least a damaging delay in getting up and running again. That is why eMazzanti Technologies, IT support and disaster recovery specialist is introducing its new file-level backup service for small businesses called: eCare Advanced Backup Client (ABC).

Many businesses do not require a full-system wide backup, said Carl Mazzanti, chief operating officer, eMazzanti Technologies. Rather, just the backup of basic document files. However, they still want the reliability that off-site data protection delivers. eCare ABC is the solution for them.

Recovery Options to Meet Every Size Business

eMazzanti Technologies has two great business continuity/disaster recovery solutions:

1. eCare Advanced Backup Client (ABC) – For smaller sized businesses that only need file folder level backup rather than system or network-wide backupthink of it as a basic ABC solution to data protection. This size business finds it more convenient back up individual document files rather than operating systems or applications that exist as on-site as OEM-provided DVDs.

2. eCare Advanced Backup System (ABS) – For larger businesses or firms where fast recovery from a data disaster is vital to the bottom-line. This Advanced Backup System solution ensures the entire system or network is backed upfiles, computers, servers and all default or custom network settings. Think of it as a complete snapshot of your network that can be restored, in some cases, in 30 minutes or less.

Regardless of the solution chosen, the right choice in Business Continuity and Disaster Recovery is eMazzanti Technologies. Its only a matter of time before a company will experience a business-shattering loss.

About eMazzanti Technologies

With a company name that sounds more like a purebred, high-performance sports car than a IT support and consulting firm, eMazzanti Technologies is all about delivering powerful solutions such as PCI DSS Compliance, computer network management, network troubleshooting, business continuity and disaster recovery, green computing, mobile workforce technology, information security, cloud computing, and business information optimization in the most efficient manner possible. The Hoboken, N.J., firm is located in one of the most densely populated – and competitive – regions in the U.S. It provides business technology consulting services for companies ranging from home offices to multinational corporations throughout the New York metropolitan area and in three countries. For more information contact: Carl Mazzanti 201-360-4400 or emazzanti.net.

# # #

Find More Disaster Recovery And Backup Services Press Releases

New Simple, Affordable File-Level Backup Solution from eMazzanti

AiNET and Global Midrange Technologies Announce Simple, Effective and Affordable DR/COOP Solution for IBM Power Systems

Beltsville, MD and Orlando, FL (PRWEB) November 02, 2011

AiNET

AiNET and Global Midrange Technologies Announce Simple, Effective and Affordable DR/COOP Solution for IBM Power Systems

Attunity Announces New Data Replication SaaS Solution for Amazon Web Services (AWS) Simple Storage Service (S3)

Burlington, MA (PRWEB) August 28, 2012

Attunity Ltd. (NASDAQ: ATTU), a leading provider of information availability software solutions, announced today that Attunity CloudBeam, its recently introduced high-performance SaaS platform for Amazon Web Services (AWS), has expanded its services to provide a new data replication-as-a-service solution for AWS’ Simple Storage Service (S3). Currently available for testing, the service provides replication and synchronization of Big Data stored in S3 across AWS cloud regions to enable business-critical initiatives, including disaster recovery, backup and data distribution. The new Attunity CloudBeam service is designed to ensure that information availability in the cloud is quick, reliable, easy-to-use and affordable for AWS customers.

“Enterprises today are increasingly feeling constrained by traditional data management methods and as a result, are embracing the cloud for its scalability and affordability,” explained Jeffrey M. Kaplan, Managing Director of THINKstrategies Inc., a cloud strategy consultancy, and founder of the Cloud Computing Showplace. “Organizations can properly configure cloud systems to be ready to go when needed, but never pay for any services until theyre actually used a smart, cost-saving measure. Key benefits like these make data replication in the cloud a highly attractive and viable option for organizations today.”

Automated, fully-managed, and pay-as-you-use, the new Attunity CloudBeam service for S3 efficiently replicates files and folders, and features:

Parallelized and elastic data transfer to maximize use of bandwidth
Configurable scheduling to ensure predictable information availability
High performance data transfer optimized to move large objects and large numbers of objects
Delta replication using comparative snapshot technology (CST) to minimize data that needs to be transferred
Fast set up with Click-2-Replicate configuration, and no server or appliance setup required

As a new member of the exclusive Amazon Partner Network, Attunity is proud to deliver this exciting new service as part of our continued dedication to enhancing our partnership with Amazon Web Services, explained Matt Benati, VP Global Marketing at Attunity. AWS customers have expressed strong interest in a data replication-as-a-service solution that is tightly integrated with S3 to enable high-performance data distribution, backup and disaster recovery affordably. This new Attunity CloudBeam service is designed to effectively meet customers Big Data replication requirements and its guaranteed delivery, elastic, high-performance platform and quick time-to-value make it a true stand out.

About Attunity

Attunity is a leading provider of information availability software solutions that enable access, sharing and distribution of data, including Big Data, across heterogeneous enterprise platforms, organizations, and the cloud. Our software solutions include data replication, change data capture (CDC), data connectivity, enterprise file replication (EFR) and managed-file-transfer (MFT). Using Attunitys software solutions, our customers enjoy significant business benefits by enabling real-time access and availability of data and files where and when needed, across the maze of heterogeneous systems making up todays IT environment.

Attunity has supplied innovative software solutions to its enterprise-class customers for nearly 20 years and has successful deployments at thousands of organizations worldwide. Attunity provides software directly and indirectly through a number of partners such as Microsoft, Oracle, IBM and HP. Headquartered in Boston, Attunity serves its customers via offices in North America, Europe, and Asia Pacific and through a network of local partners. For more information, visit http://www.attunity.com or our In Tune blog and join our community on Twitter, Facebook, LinkedIn and YouTube.

Safe Harbor Statement

This press release contains forward-looking statements within the meaning of the “safe harbor” provisions of the Private Securities Litigation Reform Act of 1995 and other Federal Securities laws. Statements preceded by, followed by, or that otherwise include the words “believes”, “expects”, “anticipates”, “intends”, “estimates”, “plans”, and similar expressions or future or conditional verbs such as “will”, “should”, “would”, “may” and “could” are generally forward-looking in nature and not historical facts. For example, when we say that we believe that customers will appreciate the information availability that Attunity CloudBeam provides, we are using a forward-looking statement. Because such statements deal with future events, they are subject to various risks and uncertainties and actual results could differ materially from Attunitys current expectations.

Factors that could cause or contribute to such differences include, but are not limited to: risks and uncertainties relating to the acquisition of RepliWeb, including costs and difficulties related to integration of acquired businesses, the combined companies financial results and performance, and ability to repay debt and timing thereof; our liquidity challenges and the need to raise additional capital in the future; market acceptance of the Attunity Replicate and the development of a market for such product; timely availability and customer acceptance of Attunitys new and existing products; any unforeseen developmental or technological difficulties with regard to Attunitys products; changes in the competitive landscape, including new competitors or the impact of competitive pricing and products; a shift in demand for products such as Attunitys products; unknown factors affecting third parties with which Attunity has formed business alliances; the impact on revenues of economic and political uncertainties and weaknesses in various regions of the world, including the commencement or escalation of hostilities or acts of terrorism; and other factors and risks on which Attunity may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ.

For a more detailed description of the risks and uncertainties affecting Attunity, reference is made to Attunitys latest Annual Report on Form 20-F/A, which is on file with the Securities and Exchange Commission (SEC) and the other risk factors discussed from time to time by Attunity in reports filed or furnished to the SEC. Except as otherwise required by law, Attunity undertakes no obligation to publicly release any revisions to these forward-looking statements to reflect events or circumstances after the date hereof or to reflect the occurrence of unanticipated events.

###

Attunity Announces New Data Replication SaaS Solution for Amazon Web Services (AWS) Simple Storage Service (S3)