Threat Intelligence |
Sponsored by |
|
DNS tunneling -- the ability to encode the data of other programs or protocols in DNS queries and responses -- has been a concern since the late 1990s. If you don't follow DNS closely, however, DNS tunneling likely isn't an issue you would be familiar with. Originally, DNS tunneling was designed simply to bypass the captive portals of Wi-Fi providers, but as with many things on the Web it can be used for nefarious purposes. For many organizations, tunneling isn't even a known suspect and therefore a significant security risk. more
Google has received a lot of press regarding their Project Shield announcement at the Google Ideas Summit. The effort is being applauded as a milestone in social consciousness. While on the surface the endeavor appears admirable, the long-term impact of the service may manifest more than Google had hoped for. Project Shield is an invite-only service that combines Google's DDoS mitigation technology and Page Speed service... more
Today at the RIPE 67 event in Athens, Greece, IETF Chair Jari Arkko gave a presentation on "Pervasive Monitoring and the Internet" where he spoke about the ongoing surveillance issues and: What do we know? What are the implications? What can we do? Similar to his earlier article on the topic, Jari looked at the overall issues and spoke about how Internet technology should better support security and privacy. more
I often think there are only two types of stories about the Internet. One is a continuing story of prodigious technology that continues to shrink in physical size and at the same time continue to dazzle and amaze us... The other is a darker evolving story of the associated vulnerabilities of this technology where we've seen "hacking" turn into organised crime and from there into a scale of sophistication that is sometimes termed "cyber warfare". And in this same darker theme one could add the current set of stories about various forms of state sponsored surveillance and espionage on the net. more
Much of the discussion regarding mobile security revolves around the growing "pandemic" of mobile malware. It's not uncommon to see headlines reporting the discovery of large numbers of new malware samples. However, as Google recently pointed out, with quite a bit of data to support them, there's little discussion of real world impact of these discoveries. This raises a number of relevant questions. Is the average user likely to be infected? Where does this malware come from? These are questions that deserve analysis and thoughtful responses. more
At the recent Anti-Phishing Working Group meeting in San Francisco, Rod Rasmussen and I published our latest APWG Global Phishing Survey. Phishing is a distinct kind of e-crime, one that's possible to measure and analyze in depth. Our report is a look at how criminals act and react, and what the implications are for the domain name industry. more
Previous posts (Part 1 and Part 2) offer background on DNS amplification attacks being observed around the world. These attacks continue to evolve. Early attacks focused on authoritative servers using "ANY" queries for domains that were well known to offer good amplification. Response Rate Limiting (RRL) was developed to respond to these early attacks. RRL, as the name suggests, is deployed on authoritative servers to rate limit responses to target names. more
As we blogged about recently, Neustar is committed to ensuring that the domain name system is secure and stable and has been operating top-level domains (TLDs) for over a decade. Tuesday, Neustar submitted comments to the Internet Corporation for Assigned Names and Numbers (ICANN) in response to ICANN's proposal to delay the launch of hundreds of new generic top-level domains (gTLDs). ICANN's decision to delay the launch is based on a study it commissioned that measured the potential frequency of domain-name collision. more
There are some real problems in DNS, related to the general absence of Source Address Validation (SAV) on many networks connected to the Internet. The core of the Internet is aware of destinations but blind to sources. If an attacker on ISP A wants to forge the source IP address of someone at University B when transmitting a packet toward Company C, that packet is likely be delivered complete and intact, including its forged IP source address. Many otherwise sensible people spend a lot of time and airline miles trying to improve this situation... The problems created for the Domain Name System (DNS) by the general lack of SAV are simply hellish. more
This weekend Jari Arkko, Chair of the Internet Engineering Task Force (IETF), and Stephen Farrell, IETF Security Area Director, published a joint statement on the IETF blog titled: "Security and Pervasive Monitoring"... They go on to outline some of the IETF's general principles around security and privacy as well as some of the new developments. They also point out a vigorous (and still ongoing) discussion within the IETF around how to improve the security of the Internet in light of recent disclosures. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
