The Almanac: Networking

Leveraging Capabilities in your Existing Cisco Network for Optimized Performance and Troubleshooting What is NetFlow and How Does NetFlow Tracker Help? See Your Traffic Performance Using Capabilities Already Inside Your Cisco Network A New Name on the Enterprise Networks Short List: Juniper The Results are In! Integration Solutions and Interoperability at Organizations Today True Zero Day Protection: The Only Defense Against Evolving Security Threats Computerworld Executive Briefing: Automating Network Management Sign up to receive Security Resource Alerts

January 19, 2004 (Computerworld) -- Windows ATMs Raise Concerns
Diebold Inc.'s recent revelation that automated teller machines operated by two of its banking customers were struck by the W32/Nachi worm highlights a growing security concern about the move to Windows-based cash machines.
The outbreak of Nachi, also known as Welchia, required the unnamed banks to take down and patch infected ATMs before they could be safely brought back online, says Jim Merrell, director of global product marketing at North Canton, Ohio-based Diebold, a leading ATM manufacturer.
The security problems on ATM networks come at a time when many banks worldwide are migrating from an older generation of machines that used IBM's OS/2 operating system to Windows machines. The mass migration has been spurred by a number of factors, including IBM's decision to stop supporting OS/2 by 2006 and pressure from ATM vendors, says Ann All, the editor of ATMmarketplace.com, an online publication that covers the ATM market.
The advantages of Windows ATMs include built-in support for HTML and XML, as well as the fact that banks can create a consistent look and feel between home banking applications and ATMs. But security analysts predict that the move to Windows will almost certainly result in more disruptions from worms, viruses and hackers, because the Microsoft operating system presents more avenues for exploitation.
"The general-purpose operating system does everything. Unfortunately, that also means there's more bad stuff that could run on the computer," says Bruce Schneier, chief technology officer at Counterpane Internet Security Inc. in Mountain View, Calif.
Another issue is how fast security holes can be patched. ATM software is often upgraded via "sneaker net," with technicians physically visiting each machine for maintenance.
Diebold and other ATM vendors say they're "hardening" the installations of Windows they ship with their ATMs by disabling unnecessary services and ports and removing files that support peripherals. In November, Diebold and Sygate Inc. announced that Diebold ATMs will be outfitted with Sygate's firewall software.
But some vendors see ATM security as largely an internal IT problem. "When customers ask me [about ATM security], I tell them to talk to their network security people. They need to treat their ATM like other devices on their network and protect it," says Kent Schrock, director of marketing at ATM vendor Fujitsu Transaction Solutions Inc., a division of Fujitsu Ltd.
—Paul Roberts, IDG News Service

Patent Watch
• A system for monitoring the reliability of networking equipment in the field. This "field availability monitoring system" is attached to switches and routers that have been installed at customer sites and sends an e-mail to the vendor whenever components fail or have a problem. The e-mail is transformed into a trouble log that can be analyzed for ways to prevent recurring problems. —U.S. Patent No. 6,665,822, issued Dec. 16, 2003
Inventor: Adam Michael Conway, at Cisco Systems Inc. in San Jose.
Digital Archives
50 Years Ago:
• Western Electric's No. 28 tele-typewriter becomes commercially available.
• The Bell System puts a hands-free Speakerphone into limited production.
• AT&T offers a long-distance "Integrated Data Processing" service. Data from punched cards in Cincinnati is fed into a computer in New York.
20 Years Ago:
• A new AT&T Corp. and the seven Bell operating companies begin operations as separate entities after the AT&T divestiture.
Finding the Leaks
Have trouble visualizing your network? IPsonar software, from Lumeta Corp. in Somerset, N.J., not only maps the network and its perimeter; it also finds "leaks" that could be serious security problems. In this image, for example, the red area in the lower right shows an unauthorized Internet gateway.

No. 1 by Far Cisco dominates the enterprise network hardware market. Cisco Systems Inc. 55.1% 3Com Corp. 4.7% Nortel Networks Ltd. 4.2% Hewlett-Packard Co. 4.1% Avaya Inc. 1.3% Market-share leaders, ranked by worldwide revenue. Source: IDC, Framingham, Mass., November 2003

Finding the Leaks Have trouble visualizing your network? IPsonar software, from Lumeta Corp. in Somerset, N.J., not only maps the network and its perimeter; it also finds “leaks” that could be serious security problems. In this image, for example, the red area in the lower right shows an unauthorized Internet gateway.