[afnog] Major Internet challenges in terms of security
SM
sm at resistor.net
Mon Jun 7 09:10:09 UTC 2010
At 00:03 07-06-10, Harouna MOUMOUNI wrote:
>I have often read Stéphane's articles, since the time when I did not
>understand much about Internet protocols... thank you for the
>clarifications provided. The community is doing its best, I am very well
>aware of that; but my limited experience leads me to state loud and clear
>that our behaviour must change quite radically, and starting
>now, because the problem only keeps growing as our
>Internet resources increase. The real problem is the low level of
>security knowledge among technicians and engineers (I am
>setting aside political will)... To convince yourself, take
There was some technical content at the latest AfNOG meeting
( http://www.afnog.org/afnog2010/atelier2010.html ). If the technicians and
engineers would like to see more technical content in a specific area, they
could contact AfNOG and ask for it to be included. Training can be less
expensive if the Web is used for delivering the content. That is highly
relevant to this region as some people may not have the means to attend
workshops.
>the IP address range xxx.138.0.0/16 (xxx = anonymised) and try to see
>how many critical servers with interfaces in that range
>give you root access with 123456 or azerty
>or @zerty as the password .... Or how many active devices give you
>privileged access with the default settings ??? Or at how many LIRs
>the device in charge of protecting the hosts lets you take
>control of it when you get the default login/password challenge?
Training can only help create an awareness of the
security considerations and how they could be
addressed. It does not solve the security
problem as it is up to the people in charge of these servers to do so.
>How many people still keep falling victim to scams?
At a guess, I would say that it is people from
other regions that are more affected. You could
conclude that people from Africa are smarter in this area. :-)
>a very large part of our infrastructure is not able to
>withstand a DDoS attack, no means of defence or
Denial of service is done through other means in
this region. See
https://lists.afrinic.net/pipermail/africann/2010-April/002260.html
You may have also seen headlines such as (
http://www.foreignpolicy.com/articles/2010/03/24/africas_cyber_wmd ):
"Think that Russia and China pose the biggest hacking threats of our time?
The virus-plagued computers in Africa could take the entire world economy
offline."
>self-defence, no disaster recovery strategy, no
>possibility of auditability. I wonder whether African cyberspace
>has become a lawless space?
Quoting a MessageLabs press release (
http://www.messagelabs.com/resources/press/52619 ):
'in May, MessageLabs Intelligence analyzed the growth of spam and botnets in
some of the countries along the eastern coast of Africa, namely those which
received greater broadband connectivity in July 2009. The proportion of
global spam that comes from Africa overall has increased to 3 percent of
global spam in May 2010 from just under two percent in April 2009, reflecting
an extra 1.2 billion spam emails being sent from Africa daily compared to one
year ago.
While historically countries not in the eastern portion of the continent have
sent the majority of spam from Africa, this output has shifted east over the
past year. The proportion of spam coming from the rest of Africa has decreased
from 86 percent to 80 percent while that coming from countries located in the
eastern region has increased from 13 percent to 19 percent. This rise
originated most notably from Kenya, Rwanda and Uganda where spam output has
increased to 7.2, 6.3 and 5.7 times respectively the amount that was being
sent one year ago.
Historically, broadband adoption has been a tipping point for spammers to
acquire more bots, Wood said. The new undersea fiber optic cable along the
east coast of Africa has enabled rapid growth in the number of users obtaining
high speed connections to the internet creating a great opportunity for
attackers to infect new machines and create new bots.'
The quick fix to stop these "bots" is not to have
high speed connections in Africa. :-) You could
also get the regulators to write laws to outlaw
"bots". Laws only work if you have the means to enforce them.
Africa is usually the scapegoat.
Regards,
-sm