Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
I am a consulting systems engineer with FireEye. I have also written a number of technical books:
The Practice of Network Security
Building an Intelligence-Led Security Program
DNS Security: Defending the Domain Name System
And forthcoming:
Ransomware: Defending Against Extortion
NTP Security: A Quick-Start Guide
Except where otherwise noted, all postings by Allan Liska on CircleID are licensed under a Creative Commons License.
The Network Time Protocol (NTP) has been in the news a number of times over the past couple of years because of attacks on the protocol, vulnerabilities in the daemon, and the use of NTP in DDoS attacks. In each case, the developers of NTP have responded quickly with fixes or recommendations for remediating these attacks. Additionally, the development team has continued to look ahead and has worked to enhance the security of NTP. Unfortunately, that has not translated to an improved security picture for NTP. more
Two things are important to stress. First, nothing was decided in this meeting, and no actions will be taken until the next meeting in 2005. Secondly, and more importantly, as with anything the devil is in the details. Given the vagueness of the documents available, there are few reliable conclusions that can be drawn from the summit...Before any judgments can be made about the effectiveness, or feasibility of the ideas outlined in the Plan of Action more concrete information is needed. The details of these plans are currently unknown to the Internet community at large, and may even be unknown to the members of the WSIS. Based on the information that is available it appears the Plan of Action needs to be thought through a little more thoroughly. more
A World-Renowned Source for Internet Developments. Serving Since 2002.