Threats from social networking, video and filesharing pale in comparison to malicious content in business critical apps, according to a survey by network security firm Palo Alto Networks. While 339 social networking, video, and file-sharing applications represent 20 per cent of network bandwidth use, they account for less than 1 …
One way of looking at data
Filesharing and youtube are high volume data but each file or video is only one interaction that could pull in a threat. The other apps are many small bursts of data each associated with a threat possibilty.
so network bandwidth is not really a relevant comparator.
Their interactive report thingy didn't work for me, so I'm working theoretically here.
" ... While 339 social networking, video, and file-sharing applications represent 20 per cent of network bandwidth use, they account for less than 1 per cent of threat logs ... "
" ... The top 10 applications by threat are: MS SQL; MS RPC; Web Browsing; Server Message Block; MS SQL Monitor; MS Office Communicator; SIP; Active Directory; Remote Procedure Call; and DNS ..."
erm... isn't "Web Browsing" a fairly broad business application, that is likely to incorporate most of the threat logs associated with users surfing to social networking sites and the 1% referred to is the tiny amount where a user has actually admitted to using a social networking site at work...
Uh, I'm not sure SMB or RPC are 'applications' per se...
> Uh, I'm not sure SMB or RPC are 'applications' per se...
OSI layer 7
Re: > Uh, I'm not sure SMB or RPC are 'applications' per se...
OSI layer 7
RPC is arguably layer 6 (presentation). Personally, I don't think the OSI model is particularly useful in this context (or many others), as layer 7 is far too vague and broad.
Nor is OSI layer 7 what most people are thinking of when they refer to "computer applications".
RE: What a horribly skewed article
This does put them in a good position to actually have the right data for businesses but they aren't exactly known for personal firewalls.
From looking at the blog linked to the article, it appears that all of their information comes from corporate networks. I would guess many of the apps and services cited are being targeted from within the network through an internal proxy. The interactive bit gives information both on total bandwidth used and number of sessions. No surprise that video sharing takes up a disproportionate amount of bandwidth compared to the number of sessions. As graeme leggett pointed out, the number of sessions is a better metric than total bandwidth used.
I tried to pull some of that into tabular format for a better comparison, but the interactive doohickey makes this very difficult. It is almost as if that was the goal...
Apples and Pears
This article is comparing front end applications to back end services, strange logic indeed.
Who the hell wants to hack streams of social networking chatter?
Obviously the SQL Servers and Server protocols are going to get attacked, this is after-all where the really interesting data lies.
<--- Fail, because this article did.
This explains ...
... why gangs of pickpockets do little in the way of Customer Satisfaction Surveys.
Fail indeed, Khaptain.
Turkeys in shock vote against Xmas.
This would be a report from Pablo Alto networks, who specialise in deep packet inspection appliction analysis firewalls??
What's the betting the final paragraph reads something like "talk to a Pablo Alto networks representative to discuss how to alleviate these threats".
This is all very good and Pablo Alto networks is a fine product, but the very people who read these reports tend to be very same people who ignore the repeated warnings that most of the business logs into to critcal systems with a shared account with the password of PASSWORD. The upshot is that they waste a lot of money to 'fix' a lower risk issue but ignore the elephant shaped security vulnerability in the room.
More tin does not necessarily mean better security.