Once you've determined that you can trust the signer of a message, as we discussed in part 3, it's easy to extrapolate that various portions of the message are equally trustworthy. For example, when there's a valid DKIM signature, we might assume that the From: header isn't spoofed. But in reality, DKIM only tells us two basic things...
In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security.
The Conficker worm will be active again on April 1st, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA. This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member ‘botnet’ of zombie computers that can be controlled remotely by the worm’s as yet unidentified authors.
Google will be hosting a discussion on the future of cloud computing and technology policy tomorrow, March 20, in Washington, D.C. Participants include Jeffrey Rayport, principal at the Marketspace consulting group and a leading expert on digital strategy and marketing, and Andrew Heyward, former President of CBS News, who will be presenting the findings of their new study. "They will assess the possibilities, risks and returns of cloud computing; the next steps in moving forward; and potential implications for technology policy," says Dorothy Chou, Google's Global Communications and Public Affairs. Those unable to attend are invited to submit questions in advance via Google Moderator.
The DNSSEC Industry Coalition conducted its first face-to-face meeting on Friday, March 13, 2009 at Google's Washington, DC office. Google's fun-filled meeting room was packed with organizations that share a keen interest in DNS Security through the implementation of DNSSEC.
The World Intellectual Property Organization put out a release yesterday trumpeting an eight percent increase in domain name disputes handled by WIPO. In 2008 there were 2329 complaints filed with WIPO, the most ever. WIPO uses the increase to raise questions about the possible increase in the number of available generic top-level domains...
StopBadware.org and Consumer Reports WebWatch have announced today the full launch of BadwareBusters.org, a new online community for people looking for help preventing and countering viruses, spyware, and other "badware" on their computers and websites. Maxim Weinstein, manager of StopBadware.org at Harvard University's Berkman Center for Internet & Society, says the site is not only a useful destination, but also a piece of a bigger puzzle. "BadwareBusters.org is part of StopBadware's strategy to bring together the people, the organizations, and the data that allow us to fight back against the spread of badware," Weinstein said. "The collective wisdom of the BadwareBusters community will inform not only individuals, but the entire technology industry."
Last year, MAAWG published a white paper titled Trust in Email Begins with Authentication [PDF], which explains that authentication (DKIM) is “[a] safe means of identifying a participant-such as an author or an operator of an email service” while reputation is a “means of assessing their trustworthiness.”
It has been beaten, butted, and batted around quite a bit in the past few weeks -- let's look at a rough timeline of political issues which bring me to this point. Let's look at the power struggle (I prefer to call it confusion) in the U.S. Government with regards to "Cyber Security" -- in a nutshell. In the latter part of 2008, the U.S. House of Representatives Homeland Security Committee determined that DHS was not capable of providing proper critical infrastructure protection (and other Cyber protection capabilities) due to a number of issues. This may well be a political maneuver, or it may well actually have merit.
When I was employed, I ran my own mail server and my own BlackBerry Enterprise Server, and I had things tuned pretty much exactly as I wanted them. My incoming mail got some custom processing that looked the sender's address up in my address book and assigned the message a category... I was a very happy email user. Now that I'm on my own, I've decided not to run my own server and all that software, and I've switched to Gmail and the T-Mobile BlackBerry server... Surprisingly, though, I'm mostly still happy...
Traceroute is a network tool that helps determine the path packets take as they travel from one location to another, identifying all of the "hops" along the way. I wonder why they are called hops*? Almost all operating systems have traceroute utilities built in. The command is just that, "traceroute"; Windows systems abbreviate the command as "tracert" to deal with the 8.3 file naming convention of old... So, let's look at what information traceroute gives you.
The penny dropped when I started looking at cloud computing as a service rather than a new technology. In that respect it is more like Google search and a DotCom development than a set of software and hardware tools. That was what I needed to get a better strategic grip on this new concept. As with all services, business strategies are key here, rather than technologies. As soon as it is seen as a technology, customer issues often come in second, which then leads to a technology looking for a market...
In the world of DNS, there are two types of DNS servers, 'recursion disabled' and 'recursion enabled'. A recursion-disabled server, when asked to resolve a name, will only answer for names that it is authoritative for. It will absolutely refuse to look up a name it does not have authority over and is ideal for when you don't want it to serve just any query. It isn't, however, very useful for domains you don't know about or have authority over...
Computer scientists, engineers and journalists gathered today at the CERN particle physics lab in the suburbs of Geneva, Switzerland, to pay homage to a 1989 proposal by Tim Berners-Lee that would later come to be the blueprint for the World Wide Web. In March 1989, Tim Berners-Lee submitted a proposal for an information management system to his boss, Mike Sendall. 'Vague, but exciting', were the words that Sendall wrote on the proposal, allowing Berners-Lee to continue...
Nominet, the national registry for .uk domain names, has announced that ENUM, a registry service combining UK telephone numbers and the Domain Name System (DNS) for VoIP calls, is live. ENUM, also known as Telephone Number Mapping, is expected to allow companies and their customers and suppliers to make free or cheaper calls. In addition to the cost savings, other value-added features that ENUM is expected to provide for corporate communications include a 'follow me' type function that will allow an individual to choose how (voice, fax, mobile, email, text messaging, location-based services and websites), and when they would like to be contacted throughout the day.