Cybersecurity |
Sponsored by |
|
It is a safe assumption that if you are reading this post, you like technology. If that is the case, then you understand the tremendous economic, cultural, and human rights benefits an open, universal, and free Internet provides. That freedom is under attack. And it is our responsibilities, as stakeholders in a successful Internet, to balance governments and have an open dialog on the topic. more
DNS tunneling -- the ability to encode the data of other programs or protocols in DNS queries and responses -- has been a concern since the late 1990s. If you don't follow DNS closely, however, DNS tunneling likely isn't an issue you would be familiar with. Originally, DNS tunneling was designed simply to bypass the captive portals of Wi-Fi providers, but as with many things on the Web it can be used for nefarious purposes. For many organizations, tunneling isn't even a known suspect and therefore a significant security risk. more
John Crain has been named ICANN's new Chief Security, Stability and Resiliency Officer. In this newly created position Crain will assume the responsibilities of Jeff Moss, who announced he is stepping down from his position as Chief Security Officer at the end of the year. more
Today at the RIPE 67 event in Athens, Greece, IETF Chair Jari Arkko gave a presentation on "Pervasive Monitoring and the Internet" where he spoke about the ongoing surveillance issues and: What do we know? What are the implications? What can we do? Similar to his earlier article on the topic, Jari looked at the overall issues and spoke about how Internet technology should better support security and privacy. more
I often think there are only two types of stories about the Internet. One is a continuing story of prodigious technology that continues to shrink in physical size and at the same time continue to dazzle and amaze us... The other is a darker evolving story of the associated vulnerabilities of this technology where we've seen "hacking" turn into organised crime and from there into a scale of sophistication that is sometimes termed "cyber warfare". And in this same darker theme one could add the current set of stories about various forms of state sponsored surveillance and espionage on the net. more
Much of the discussion regarding mobile security revolves around the growing "pandemic" of mobile malware. It's not uncommon to see headlines reporting the discovery of large numbers of new malware samples. However, as Google recently pointed out, with quite a bit of data to support them, there's little discussion of real world impact of these discoveries. This raises a number of relevant questions. Is the average user likely to be infected? Where does this malware come from? These are questions that deserve analysis and thoughtful responses. more
ICANN has announced that Paul Mockapetris, inventor of the Domain Name System (DNS), has agreed to serve as Senior Security Advisor to the Generic Domains Division and its President, Akram Atallah. more
In support of National Cyber Security Awareness Month, DDoS Awareness Day is a virtual, global event focused on raising awareness and education around the threat of DDoS attacks. Hosted by Neustar with and exclusive media partner CSO, DDoS Awareness Day brings together top experts in global security to share their views, technical tips and from-the-trenches experience. Attendees will also be given access to a wealth of DDoS materials: white papers, surveys, presentations, best practices and more. more
Symantec has disabled part of one of the world's largest networks of infected computers, according to reports today. About 500,000 hijacked computers have been taken out of the 1.9 million strong ZeroAccess botnet. The zombie computers were used for advertising and online currency fraud and to infect other machines. Security experts warned that any benefits from the takedown might be short-lived. more
It's late in the new gTLD day and the program looks to be inching ever closer to the finish line. Yet last minute hiccups seem to be a recurring theme for this ambitious project to expand the Internet namespace far beyond the 300 odd active TLDs in existence today (counting generics and country codes). A drive for growth which is already underway, with 63 gTLD contracts now signed as of mid September... But will those users find themselves at greater risk because of this namespace expansion? That's what several parties have been asking in recent months. more
The difficulty of applying a hierarchically organized PKI to the decentralized world of Internet routing is being fully exposed in a new Internet-draft. The document represents a rational response to an RPKI that closely ties address resources to a handful of Internet governance institutions, nicely illustrates how governments and national security policy are influencing Internet security, and portends substantial costs for network operators and beyond if adopted widely more
In a recent blog post, Dan Jaffe, Association of National Advertisers' Executive VP of Government Relations, shares some concerns about ICANN's "overly rapid Top Level Domain rollout". more
Previous posts (Part 1 and Part 2) offer background on DNS amplification attacks being observed around the world. These attacks continue to evolve. Early attacks focused on authoritative servers using "ANY" queries for domains that were well known to offer good amplification. Response Rate Limiting (RRL) was developed to respond to these early attacks. RRL, as the name suggests, is deployed on authoritative servers to rate limit responses to target names. more
As we blogged about recently, Neustar is committed to ensuring that the domain name system is secure and stable and has been operating top-level domains (TLDs) for over a decade. Tuesday, Neustar submitted comments to the Internet Corporation for Assigned Names and Numbers (ICANN) in response to ICANN's proposal to delay the launch of hundreds of new generic top-level domains (gTLDs). ICANN's decision to delay the launch is based on a study it commissioned that measured the potential frequency of domain-name collision. more
There are some real problems in DNS, related to the general absence of Source Address Validation (SAV) on many networks connected to the Internet. The core of the Internet is aware of destinations but blind to sources. If an attacker on ISP A wants to forge the source IP address of someone at University B when transmitting a packet toward Company C, that packet is likely be delivered complete and intact, including its forged IP source address. Many otherwise sensible people spend a lot of time and airline miles trying to improve this situation... The problems created for the Domain Name System (DNS) by the general lack of SAV are simply hellish. more
A World-Renowned Source for Internet Developments. Serving Since 2002.