Cybersecurity

Cybersecurity / Most Viewed

Fight Spam With the DNS, Not the CIA

It seems like spam is in the news every day lately, and frankly, some of the proposed solutions seem either completely hare-brained or worse than the problem itself. I'd like to reiterate a relatively modest proposal I first made over a year ago: Require legitimate DNS MX records for all outbound email servers.

MX records are one component of a domain's Domain Name System (DNS) information. They identify IP addresses that accept inbound email for a particular domain name. To get mail to, say, linux.com, a mail server picks an MX record from linux.com's DNS information and attempts to deliver the mail to that IP address. If the delivery fails because a server is out of action, the delivering server may work through the domain's MX records until it finds a server that can accept the mail. Without at least one MX record, mail cannot be delivered to a domain.

Pakistan Hijacks YouTube: A Closer Look

A few hours ago, Pakistan Telecom (AS 17557) began advertising a small part of YouTube's assigned network. This story is almost as old as BGP. Old hands will recognize this as, fundamentally, the same problem as the infamous AS 7007 from 1997, a more recent ConEd mistake of early 2006 and even TTNet's Christmas Eve gift 2005. Just before 18:48 UTC, Pakistan Telecom, in response to government order to block access to YouTube, started advertising a route for 208.65.153.0/24 to its provider...

Cybersecurity, an Essential Weapon in the Cyberwarfare to Protect Our Democracy

We see the problems that we are facing within an increasingly digital society and economy. We cannot go backward; the only way forward is to ensure that this new digital environment is made as safe as possible from a personal, social, political and economic perspective. We are currently struggling on these fronts. Unfortunately, we have now clearly entered a situation of cyber warfare. States now use digital technologies to impose and undermine ideologies.

Defending Networks Against DNS Rebinding Attacks

DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers.

Some Notes on the .XXX Top-Level Domain

Yesterday the ICANN board discussed and approved ICANN staff to enter into negotiations with ICM Registry, Inc. for the .XXX Top Level Domain (TLD). I'm sure there will be a longer more complete presentation from ICANN later about this, but as an individual board member I thought I'd post a quick note before people got carried away with speculation based on a lack of information.

In Bad Taste

So-called domain tasting is one of the more unpleasant developments in the domain business in the past year. Domain speculators are registering millions of domains without paying for them, in a business model not unlike running a condiment business by visiting every fast food restaurant in town and scooping up all of the ketchup packets. Since 2003, the contract between ICANN and each unsponsored TLD registry (.biz, .com, .info, .net, .org, and .pro) has added an Add Grace Period (AGP) of five days during which a registrant can delete a newly registered domain and get a full refund. Although this provision was clearly intended to allow registrars to correct the occasional typo and spelling error in registrations, speculators realized that this allows them to try out any domain for five days for free...

Whither DNS?

The Domain Name System is often thought of as an integral part of the Internet. Without it, how can you ever locate anything? Well, quite easily, thank you very much. DNS is used implicitly for many services, such as web browsing. It also includes explicit extensions for a few applications such as e-mail. (I'm talking here about DNS the system, not DNS the technology that can be re-purposed to things like ENUM.) But the most notable thing about DNS is its receding importance...

A Question of DNS Protocols

One of the most prominent denial of service attacks in recent months was one that occurred in March 2013 between Cloudflare and Spamhaus... How did the attackers generate such massive volumes of attack traffic? The answer lies in the Domain Name System (DNS). The attackers asked about domain names, and the DNS system answered. Something we all do all of the time on the Internet. So how can a conventional activity of translating a domain name into an IP address be turned into a massive attack?

A Balkanized Internet Future?

Joi Ito has an important post [also featured on CircleID] on how the internet is in danger of becoming balkanized into separate "internets". He's not the only person who's concerned. Greg Walton worries about Regime Change on the Internet. My friend Tim Wu, a law professor specializing in international trade and intellectual property, has written an article for Slate: The Filtered Future: China's bid to divide the Internet...

EFF and Its Use of Propaganda: Could Karl Rove do better? Probably

The latest post on DearAOL's blog, by EFF activist coordinator Danny O'Brien, is titled "The Shakedown Begins". In short, Danny receives email from overstock.com on an AOL mailbox -- email that he apparently paid overstock $29.95 to receive. And that email arrives with Goodmail certification that AOL recognizes and flags as such. Danny seems to think this is not the sort of email that should be certified by Goodmail, and that AOL should not suddenly turn on Goodmail certification. Suddenly?

An Economic Analysis of Domain Name Policy - Part III

"Competitive Bidding for new gTLDs" is the focus of part three of a three-part series based on a study prepared by Karl M. Manheim, Professor of Law at Loyola Law School and Lawrence B. Solum, Professor of Law at University of San Diego. Special thanks and credit to Hastings Communications and Entertainment Law Journal, Vol. 25, p. 317, 2004. ...When new radio frequencies become available for commercial use, federal law requires that licenses be auctioned off to the highest qualified bidder. The FCC does a reasonably good job in designing and conducting spectrum auctions. They are often familiar in format, not much different than found for consumer goods on eBay. In other cases, such as with "Simultaneous Multiple-Round" or "combinatorial bidding," the auction design is fairly complex. Because of complexity in these cases, the FCC sponsors periodic conferences on auction theory and seminars on auction mechanics for potential bidders.

The Problem With Wikis

Wikis have been around for a long time on the Web. It's taken a while for them to transform from geek tool to a mainstream word, but we're here now. Last week at the ICANN Meeting in Vancouver, it was fun to watch hundreds of people get introduced to Wikis and start using them, thanks to Ray King's ICANN Wiki project. In the past few days since, I've come to believe that Wikis are doomed unless they start thinking about security in a more serious way.

DNS Firewalls In Action - RPZ vs. Spam

In general, a network firewall is just a traffic filter... Filtering rules can be anything from "allow my web server to hear and answer web requests but not other kinds of requests" to "let my users Ping the outside world but do not let outsiders Ping anything on my network." The Internet industry has used firewalls since the mid-1980's and there are now many kinds, from packet layer firewalls to web firewalls to e-mail firewalls. Recently the DNS industry has explored the firewall idea and the results have been quite compelling. In this article I'm going to demonstrate a DNS firewall built using RPZ (Response Policy Zones) and show its potential impact on e-mail "spam".

It’s About Connectivity Not The Internet!

I've been trying to avoid writing about the Internet as such. With "At the Edge" I'm looking at larger issues but can't escape writing more directly about the Internet. It seems as if everyone wants a say in Internet policy without distinguishing between technical and social issues. Today the term "The Internet" or, for many simply "Internet" is more of a brand than a term for a specific technology and its implications. It has become too easy to talk about the Internet in lieu of understanding. We also see the converse -- a failure to recognize "Internet" issues.

An Attack on DNS is an Attack on the Internet

On Saturday Aug 7th, DNS provider DNS Made Easy was the target of a very large denial of service attack. As far as can be determined the total traffic volume exceeded 40 Gigabit/second, enough to saturate 1 million dialup Internet lines. Several of DNS Made Easy's upstream providers had saturated backbone links themselves. There are indications that not only DNS Made Easy suffered from this attack, but the Internet as a whole.

Industry Updates

Tracing the Digital Footprint of Iran’s Mabna Hackers

Profiling the Massive Infrastructure Behind the Democratic National Committee Cyberintrusion

Is Your Software a Top Impersonation Target?

XCSSET Shows How Threat Actors Cope with OS Changes, Does Away with Python Like macOS

DIY Web Attacks Might Still Live on via WebAttacker

Exposing a Currently Active Ashiyane Digital Security Domain Infrastructure

What Is the Current State of Malicious PPI Businesses and Affiliate Networks?

From Counterfeiting to Phishing: Cybersquatting Properties Target Network Device Makers

Q2 2022 Domain Registration Trends Report

Is Monkeypox Following COVID-19’s (Digital) Footsteps?

WhoisXML API Expands DNS Database Coverage and Adds New Record Type

Have You Seen These Roaming Mantis Connected Artifacts Wandering into Your Phone?

Profiling the Threat Actor Known as “Hagga” and His Work

Beauty and the Beast: Are These Domains Possible Vehicles for Cosmetic Product Counterfeiting?

Are Threat Actors Intercepting Your OTPs? These Cyber Resources Might Be Helping Them