Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Unlike consultant-led penetration testing, periodic or continual vulnerability scanning programs have to operate harmoniously with a corporation's perimeter defenses. Firewalls, intrusion prevention systems, web proxies, dynamic malware analysis systems, and even content delivery networks, are deployed to protect against the continuous probes and exploit attempts of remote adversaries -- yet they need to ignore (or at least not escalate) similar probes and tests being launched by the managed security service providers an organization has employed to identify and alert upon any new vulnerabilities within the infrastructure or applications that are to be protected. more
Communications will be one of the most critical areas during the London Olympic Games. The industry is working to establish shared access networks -- would it not be nice if they did this everywhere, all the time? They are also working very closely with British Olympic Association, London Transport, the broadcasters and content providers. Mobile coverage will be the biggest shared infrastructure in the world. more
How do we help coordinate responses to attacks against Internet infrastructure and users? Internet technology has to scale or it won't survive for long as the network of networks grows ever larger. But it's not just the technology, it's also the people, processes and organisations involved in developing, operating and evolving the Internet that need ways to scale up to the challenges that a growing global network can create. more
In our last post on CircleID we showed encouraging growth in the number of IPv6-enabled networks. But announcing an IPv6 prefix is only one of the first steps a network operator should take when deploying IPv6. For a full IPv6 deployment, IPv6 needs to be enabled on network infrastructure and made available to end users. One key piece of infrastructure for which we can measure IPv6 capabilities are DNS resolvers. more
Last month, the Obama administration sponsored one of the first high-level government workshops on IPv6. At the meeting, the administration's Chief Information Officer, Vivek Kundra, announced a remarkable 2012 deadline for federal agencies to support IPv6. So with a high-level US government mandate and a recent spade of vendor and carrier IPv6 announcements (e.g. VeriSign, Hurricane Electric), is the 15 year old IPv6 migration effort finally gaining momentum? more
A great deal of hype is out there, as vendors talk up the next development in mobile technology, known as 5G. FCC Chairman Tom Wheeler made a good comparison. He said that one person looking at the paintings by the Master in the Picasso Museum in Barcelona sees a different picture to the person next to them. That's what 5G is all about at the moment -- a great picture with lots of different interpretations. more
Vonage's latest woes are written up by Om Malik in Vonage: How Low Can You Go. More interesting than Om's reportage (Sprint wins case, Vonage ordered to pay damages, stock drops to $1.30) is the commentary afterward, in which one reader takes Om to task for the "gleeful" way in which he reports the demise of the VoIP companies... Boosters made the argument that VoIP was fundamentally cheaper than the TDM systems that phone companies deploy, and so therefore they enjoyed a price advantage in the market place. Anyone in the business of supplying telecom equipment, however, will tell you that the argument is flawed... more
As 2014 winds down, cloud spending is up. That's the word from research firm IDC -- as reported by IT Jungle, cloud spending will reach over $56 billion this year and won't stop anytime soon. By 2018, predictions peg the cloud as worth $127 billion, and that's just counting "core" cloud services such as SaaS, PaaS and IaaS. Cloud-based peripherals, the Internet of Things and other cloud initiatives are also on track to make an impact; here's a quick look at top cloud considerations for the coming year. more
Not so long ago, the notion of introducing laws and other regulatory responses to address cyber security issues was regarded with significant hesitation by governments and policy makers. To some extent, this hesitation may well have stemmed from a general perception by those who do not work directly in the field that the world of cyber security is somewhat of a 'dark art'. More recently, however, there has been a substantial shift in this attitude, with proposals to regulate a range of cyber security related matters becoming increasingly numerous. more
This post follows an earlier post about DNS amplification attacks being observed around the world. DNS Amplification Attacks are occurring regularly and even though they aren't generating headlines targets have to deal with floods of traffic and ISP infrastructure is needlessly stressed -- load balancers fail, network links get saturated, and servers get overloaded. And far more intense attacks can be launched at any time. more
The Internet was not originally designed as a single network that serviced much of the world's digital communications requirements. Its design was sufficiently flexible that it could be used in many contexts, including that of small network domains that were not connected to any other domain, through to large diverse systems with many tens of thousands of individual network elements. If that is indeed the case, then why is it that when networks wish to isolate themselves from the Internet, or when a natural calamity effectively isolates a network, the result is that the isolated network is often non-functional. more
On Friday, 14 March 2014, the U.S. Department of Commerce National Telecommunications and Information Administration (NTIA) announced its intention to transition the IANA functions to the global multistakeholder community. As expected, the announcement has sent adrenaline coursing through the veins of Internet governance experts and government policy people the world over. I'd argue, however, that it is an important point for the Internet's technical experts to sit up and take notice, as well: the fact that you are probably saying "what problem does this solve?" is a testimony to how much works well today, and we want to make sure it continues to work well in any future arrangements. more
Telco front-man Scott Cleland, in a recent blog post, thumbs his nose at the Four Internet Freedoms and says that the FCC should too. Under current leadership, it probably will. Referring to the recent submissions to the FCC by Free Press and Public Knowledge and Vuze complaining about Comcast's use of reset packets to block applications that compete with Comcast's own proprietary video entertainment offering, Cleland says "Network management trumps net neutrality." There are lots of reasons for, ahem, managing. Cleland neglects to observe that controlling congestion the way Comcast does it is like scattering nails in the road for traffic control. more
The DNS is a remarkably simple system. You send it queries, and you get back answers. Within the system, you see exactly the same simplicity: The DNS resolver that receives your query may not know the answer, so it, in turn, will send queries deeper into the system and collects the answers. The query and response process is the same, applied recursively. Simple. However, the DNS is simple in the same way that Chess or Go are simple... more
The EU's 'cyber security' Agency ENISA (The European Network and Information Security Agency) has launched a new report concluding that the EU should focus its future IT security research on five areas: cloud computing, real-time detection and diagnosis systems, future wireless networks, sensor networks, and supply chain integrity. more
A World-Renowned Source for Internet Developments. Serving Since 2002.