Skip the navigation

The Almanac: Networking

An eclectic collection of research and resources. By Mitch Betts

By Mitch Betts
January 19, 2004 12:00 PM ET

Computerworld - Windows ATMs Raise Concerns
Diebold Inc.'s recent revelation that automated teller machines operated by two of its banking customers were struck by the W32/Nachi worm highlights a growing security concern about the move to Windows-based cash machines.
The outbreak of Nachi, also known as Welchia, required the unnamed banks to take down and patch infected ATMs before they could be safely brought back online, says Jim Merrell, director of global product marketing at North Canton, Ohio-based Diebold, a leading ATM manufacturer.
The security problems on ATM networks come at a time when many banks worldwide are migrating from an older generation of machines that used IBM's OS/2 operating system to Windows machines. The mass migration has been spurred by a number of factors, including IBM's decision to stop supporting OS/2 by 2006 and pressure from ATM vendors, says Ann All, the editor of ATMmarketplace.com, an online publication that covers the ATM market.
The advantages of Windows ATMs include built-in support for HTML and XML, as well as the fact that banks can create a consistent look and feel between home banking applications and ATMs. But security analysts predict that the move to Windows will almost certainly result in more disruptions from worms, viruses and hackers, because the Microsoft operating system presents more avenues for exploitation.
"The general-purpose operating system does everything. Unfortunately, that also means there's more bad stuff that could run on the computer," says Bruce Schneier, chief technology officer at Counterpane Internet Security Inc. in Mountain View, Calif.
Another issue is how fast security holes can be patched. ATM software is often upgraded via "sneaker net," with technicians physically visiting each machine for maintenance.
Diebold and other ATM vendors say they're "hardening" the installations of Windows they ship with their ATMs by disabling unnecessary services and ports and removing files that support peripherals. In November, Diebold and Sygate Inc. announced that Diebold ATMs will be outfitted with Sygate's firewall software.
But some vendors see ATM security as largely an internal IT problem. "When customers ask me [about ATM security], I tell them to talk to their network security people. They need to treat their ATM like other devices on their network and protect it," says Kent Schrock, director of marketing at ATM vendor Fujitsu Transaction Solutions Inc., a division of Fujitsu Ltd.
—Paul Roberts, IDG News Service

Windows ATMs Raise Concerns
Patent Watch
• A system for monitoring the reliability of networking equipment in the field. This "field availability monitoring system" is attached to switches and routers that have been installed at customer sites and sends an e-mail to the vendor whenever components fail or have a problem. The e-mail is transformed into a trouble log that can be analyzed for ways to prevent recurring problems. —U.S. Patent No. 6,665,822, issued Dec. 16, 2003
Inventor: Adam Michael Conway, at Cisco Systems Inc. in San Jose.
Digital Archives
50 Years Ago:
• Western Electric's No. 28 tele-typewriter becomes commercially available.
• The Bell System puts a hands-free Speakerphone into limited production.
• AT&T offers a long-distance "Integrated Data Processing" service. Data from punched cards in Cincinnati is fed into a computer in New York.
20 Years Ago:
• A new AT&T Corp. and the seven Bell operating companies begin operations as separate entities after the AT&T divestiture.
Finding the Leaks
Have trouble visualizing your network? IPsonar software, from Lumeta Corp. in Somerset, N.J., not only maps the network and its perimeter; it also finds "leaks" that could be serious security problems. In this image, for example, the red area in the lower right shows an unauthorized Internet gateway.
No. 1 by Far
Cisco dominates the enterprise network hardware market.
Cisco Systems Inc. 55.1%
3Com Corp. 4.7%
Nortel Networks Ltd. 4.2%
Hewlett-Packard Co. 4.1%
Avaya Inc. 1.3%
Market-share leaders, ranked by worldwide revenue.

Source: IDC, Framingham, Mass., November 2003


Finding the Leaks
Have trouble visualizing your network? IPsonar software, from Lumeta Corp. in Somerset, N.J., not only maps the network and its perimeter; it also finds “leaks” that could be serious security problems. In this image, for example, the red area in the lower right shows an unauthorized Internet gateway. Finding the Leaks

Special Report

Souped-up Security
Stories in this report:


Additional Resources
Forrester Consulting - Optimizing Users and Applications in a Mobile World
WHITE PAPER
Solving application issues over the WAN requires careful consideration. Based on their independent research, Forrester Consulting offers recommendations on how to tackle application performance issues, insufficient bandwidth and the inability to quickly restore users in a disaster.

Read now.

Security KnowledgeVault
WHITE PAPER
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

Cut Communications Costs Once and for All
WHITE PAPER
New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Networking White Papers
Digital Transformation: Creating New Business Models Where Digital Meets Physical
Individuals and businesses alike are embracing the digital revolution. Social networks and digital devices are being used to engage government, businesses and civil...
Make the Connection: Better Network Connectivity Drives Transformation
Network connectivity is more than just plumbing. Leading organizations today see high-performance network connectivity as a critical enabler of competitive advantage, and not...
Virtualizing Government Infrastructure
All server virtualization solutions are not created equal. The more-with-less agenda for government agencies is tailor-made for server virtualization, which is evolving into...
Moving Service Management to SaaS
Today, organizations can enjoy similarly substantial benefi ts by migrating their IT service management functions to a software-as-a-service model. This paper shows how...
Achieving 360 Degree Network Visibility with Nimsoft
360° network visibility is critical for ensuring continuous availability of networks, servers, and applications-anything less could
have costly bottom-line implications.
All Networking White Papers
Networking Webcasts
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
Unified Communications 101
What's the best way to implement a unified communications solution for your organization?
Try the OptiView® XG on your network - FREE
The OptiView® XG is the first dedicated tablet with automated network and application analysis -- fastest way to root cause. XG raises the...
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
All Networking Webcasts
Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all newsletters | Privacy Policy
IT Jobs