In general, a network firewall is just a traffic filter... Filtering rules can be anything from "allow my web server to hear and answer web requests but not other kinds of requests" to "let my users Ping the outside world but do not let outsiders Ping anything on my network." The Internet industry has used firewalls since the mid-1980's and there are now many kinds, from packet layer firewalls to web firewalls to e-mail firewalls. Recently the DNS industry has explored the firewall idea and the results have been quite compelling. In this article I'm going to demonstrate a DNS firewall built using RPZ (Response Policy Zones) and show its potential impact on e-mail "spam". more
I recently talked about the top trends of 2012. Well, now it's time for me to look into my crystal ball and predict the future. I believe that this year we'll see great developments when it comes to TR-069. I know you'll say that this was a trend last year, but I'm confident that 2013 is the year that this protocol will really shine. more
Anyone who expected that with the end of the Dubai ITU World Conference on International Telecommunications (WCIT) in December 2012, the heated debate on the future regulation of the Internet will slow down should remember to fairytale of the battle of the knight with the seven-headed dragon. Hardly a head is cut off, another is growing. In 2013 the discussion on Internet freedom will likely gain in sharpness. more
As an applicant in this new gTLD round with quite a few overlapping strings, I've had a keen interest in the various proposed auction platforms. In the past six months the ideas behind private auction have matured significantly and I now see it as a strong mechanism for resolving contention. Following are my observations. more
It was 30 years ago today, on January 1, 1983, that the ARPANET had a "flag day" when all connected systems switched from using the Network Control Protocol (NCP) to the protocols known as TCP/IP. This, then, gave rise to the network we now know as the Internet. more
.tk was once designated as the riskiest ccTLD. .ru is often said to be, after .com, the most used in the content of spam messages. But is there a ccTLD that is a favorite destination for copyright infringement? The question is worth asking in view of the growing trend for .com domain names seizures related to copyright infringement. more
The capabilities IPv6 provides will enhance online security, but the shift to the new Internet address scheme may also present risks if not properly managed. Previously, Internet security was largely an after-thought for the early Internet, as its primary purpose was to facilitate open, end-to-end, any-to-any communications and information exchange for bridging and accelerating research efforts. Today, we have a much more complex online ecosystem that spans billions of users across the globe and serves not only as an engine for e-commerce, but as an engine for all commerce. more
The problem with setting expectations is that when they are not fulfilled the fallout is generally considered to be a failure, and while everyone wants to claim parenthood of success, failure is an orphan. In that sense it looks like the WCIT meeting, and the International Telecommunications Regulations (ITRs) that were being revised at that conference this month are both looking a lot like orphans. There have been a number of reports of the outcome of the two week... Most of the blogs were quick to characterize the outcome as a loss for the dark forces that lurked somewhere in the closets of the ITU's headquarters in Geneva. But there is more to it than that. more
In the previous installments we looked at software changes in mail servers, and in the software that lets user mail programs pick up mail. What has to change in the user mail programs? ... The first and most obvious is that users have to be able to enter the addresses. more
Throughout the second half of 2012 many security folks have been asking "how much is a zero-day vulnerability worth?" and it's often been hard to believe the numbers that have been (and continue to be) thrown around. For the sake of clarity though, I do believe that it's the wrong question... the correct question should be "how much do people pay for working exploits against zero-day vulnerabilities?" more
I don't think it's a surprise to anyone, but it's the Christmas season again and doubtless a large number of television sets will be sold as part of the annual retail festivities. But these days the devices for sale in the shops are not just televisions: today's television is perhaps better described as a media computer with a very large display. Sure, the device can tune in to radio transmissions and display them... but the device also is equipped with either a WiFi or an Ethernet jack, or both. This alone sounds like a relatively innocuous addition to the television, but it's providing to be a highly disruptive change in the traditional Internet market space. more
As Christmas were getting closer, the third time of load balancing the streaming pictures of the famous Christmas goat in the city of Gävle, Sweden, was on the agenda. My goal with this activity is the same as before, to track the use of IPv6 and DNSSEC validation. The results from the last two years are published on CircleID. more
Thank goodness for Monday's new gTLD draw!!! To date the process has been more of an intellectual exercise in marketing, technology, and strategic game thinking - it was getting a little boring. A business needs to see regular 'wins' to keep momentum and stay motivated. The presumptive lineup of new gTLDs has now been established which has given most applicants (save those poor souls looking at 2015 as their launch year) a clear view of the starting gate. more
What occurred in Dubai on 14 December was unprecedented in the history of the ITU. It was unprecedented in the history of international telecommunication law. Most of the major nations of the telecommunication world rejected a profoundly broken treaty instrument that had no reason to even exist. A large number of "minor" networking nations accepted the obligations of the treaty instrument, although almost all of them entered significant reservations. In the long history of telecommunication law and intergovernmental organizations since 1850, this has never occurred. more
The gTLD Prioritization "Draw" was a mistake. But its negative impact can still be mitigated. The best course of action follows directly from information that can be gleaned from available data. Let us start with the latest piece of intelligence: who "played" in the "Draw"? 1766 of 1917 applications had a lottery ticket. This is much worse than expected. Very few abstained. Even the purely defensive applicants saw no other choice but to "play". more
Sponsored byVerisign
Sponsored byCSC
Sponsored byRadix
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byWhoisXML API