The Consumer Desktop - The Weak Link in Internet Security and Why ISP's Are Uniquely Positio
The Internet community today is seeing a rapidly growing number of distributed denial-of-service (DDoS) attacks. At the same time the sophistication of these attacks is maturing, making defense more and more difficult. Common to all DDoS attacks is the requirement for 'drones' or 'zombies' desktops or hosts that have been compromised in a way that lets an attacker utilize these systems as proxies to generate attack traffic while maintaining the anonymity of the attacker. The growing community of consumer desktops with 'always-on' Internet connections provides attackers with a large source of potential drones. Securing the consumer desktop and choking off this source of drones is one of several ways to reduce the occurrence of DDoS attacks. This paper demonstrates why consumer desktops are particularly vulnerable to compromise what options are available today to protect the consumer desktop and why Internet Service Providers (ISP's) are particularly well positioned to improve the security of consumer desktops.
892 (PDF, 2.15MB)
11 Mar 2003Related Content
The Strategic Case for Web Traffic Inspection Beyond the Endpoint
Research PaperThis paper explores a practical, phased approach to adopting Secure Web Gateway (SWG) capabilities—from basic URL filtering to TLS inspection, inline DLP, and broader Security Service Edge (SSE) integration.
- 25 Jun 2026
- Aaron Cure
Cloud Ace Journeys: The Analyst Flight Plan
Research PaperCloud security analysts are responsible for securing environments, detecting threats, locking down identity, and responding to breach.
- 18 Jun 2026
- SANS Institute
Autonomous Endpoint Management: Next-Gen Endpoint Visibility Fueling SecOps and IT Ops with AI
Research PaperThis First Look outlines how Tanium’s single-agent architecture and AI-powered capabilities empower teams to operate from a shared source of truth, reduce operational overhead, and achieve measurable ROI.
- 10 Nov 2025
- Matt Bromiley
Cloud Security Groundhog Day: Avoiding Recurring Mistakes in a Dynamic Landscape
Research PaperDownload the SANS ebook and learn how to strengthen your cloud and AI security strategies.
- 16 Oct 2025
- Dr. Anton Chuvakin, Dr. Paul Vixie, Frank Kim, Simon Vernon, Brandon Evans, Dave Shackleford, Wesley Kuzma
ZTA Unpacked: The Critical Technical Components of Zero Trust Architecture
Research PaperThis paper demystifies the technical foundation of Zero Trust Architecture (ZTA) and outlines the key technologies that drive modern, mature implementations.
- 15 Aug 2025
- Greg Scheidel
Navigating the Challenges of Securing Hybrid Environments
Research PaperThis paper explores ways to bring clarity and control back to your hybrid security strategy—with practical guidance on Zero Trust, unified monitoring, and the evolving role of AI in modern defense.
- 24 Jul 2025
- Matt Bromiley
Securing Azure with PIM: A Just-in-Time Access Study
Research PaperThis study assesses Azure Privileged Identity Management (PIM) and its Just-in-Time access model within a controlled Azure environment, simulating enterprise scenarios across Azure Subscription Roles.
- 11 Jul 2025
- Dustin Bourgois
Resiliency and Business Continuity in the Cloud Era
Research PaperIn this white paper, Dave Shackleford unpacks today’s evolving cloud threat landscape.
- 21 May 2025
- Dave Shackleford
Out-of-Band Defense: Securing VPNs from Password-Spray Attacks with Cloud Automation
Research PaperThis research examines an out-of-band solution to detect and block password-spray attacks on Remote Access VPN services, addressing vulnerabilities like Cisco’s CVE-2024-20481 amid rising threats post-COVID-19.
- 12 May 2025
- SANS Institute
Securing the Future with Microsoft Defender for Cloud: Best Practices and Insights
Research PaperIn this paper, you’ll learn how to enhance your cloud security posture through actionable insights and use cases involving Microsoft Defender for Cloud.
- 26 Mar 2025
- Dave Shackleford
The Flavor of Clouds: Are Some Cloud Platforms More Attractive to Attackers?
Research PaperSignificant financial loss and sensitive data exposure continue to be a significant risk for entities that host systems in the cloud.
- 17 Feb 2025
- James Smith
Detecting Azure Hybrid Machine Attack Paths with Graph Theory
Research PaperThis research extends the data collected by the security tool BloodHound to uncover hidden connections between on-premises devices and their cloud identities within an Azure environment.
- 7 Jan 2025
- Shawn Woods
Cloud Security Monitoring on AWS
Research PaperCloud services adoption is growing massively year over year. In most cases, moving to the cloud...
- 8 Feb 2021
- Sherif Talaat
Firebase: Google Cloud's Evil Twin
Research PaperFirebase allows a frontend application to connect directly to a backend database. Security wonks...
- 8 Oct 2020
- Brandon Evans
Compliance Benchmarks using Cloud Custodian
Research PaperWith the increased cloud adaption rate, many companies are looking for ready to use product...
- 25 Sep 2020
- Vishnu Varma
Top 5 Considerations for Multicloud Security
Research PaperThe move to leveraging multiple public cloud providers introduces new challenges and opportunities...
- 15 Apr 2020
- Brandon Evans
Cybersecurity in the Age of the Cloud
Research PaperThe hand-selected resources in this eBook provide a well-rounded look at cybersecurity...
- 21 Feb 2020
- Frank Kim
Secure Internet Gateways: Backing Down from a Fight
Research PaperWhen does a security agent become a double agent? On-premise corporate devices are protected by a...
- 2 Nov 2018
- Seth Polley
Intrusion detection through traffic analysis from the endpoint using Splunk Stream
Research PaperWith technologies such as software-defined wide area networking (SD-WAN) and cloud operations, the...
- 24 May 2017
- Etrik Eddy
Cyber Security Trends: Aiming Ahead of the Target to Increase Security in 2017
Research PaperAttackers are always changing their methods, but some cybersecurity trends are clear--and...
- 20 Mar 2017
- John Pescatore, John Pescatore