Archive

Category Archives for "Networking"

BrandPost: What’s Missing from DNS in the Enterprise?

A Brief DNS HistoryDNS is the internet’s backbone, the ‘network before the network’. Originally designed to solve the problem of knowing how to route email between disparate internet hosts, DNS is now a 35-year old connection protocolat the heart of every network. However, there are inherent shortcomings. First, DNS is naïve – built for an internet without trust requirements as its designers could not have foreseen today’s threats. DNS was built to simply answer questions to establish a connection, and it’s good at that – but that also leaves it susceptible. For example, the support for recursive DNS requests, which query other servers repeatedly, are vulnerable to fake requests from a spoofed IP address leading to Amplifier attacks. DNS caches can be poisoned by viruses, causing domain lookups to go to the wrong IP address. And yet, DNS is an integral part of every email, every web access, and every internet transaction.To read this article in full, please click here

IoT, social profit and security: Georgia Tech report outlines the future of smart cities

A new report released by a Georgia Tech-based working group said that the future of smart city technology will be contingent on  businesses and city governments understanding the finer points of IoT technology and the way it affects business models and the lives of citizens. The report analyzes, among other things, the risks and potential rewards of various types of public IoT, from an ethical, technological and practical perspective.One key point researchers made is that IoT deployed in public spaces – in collaboration between city governments, private enterprise and citizens themselves – has a diverse group of stakeholders to answer to. Citizens require transparency and rigorous security and privacy protections, in order to be assured that they can use the technology safely and have a clear understanding of the way their information can be used by the system.To read this article in full, please click here

OPAQ enables total network security from the cloud

Today’s threat landscape has led organizations to defend their networks with numerous point solutions, most of which are complex and require significant attention to operations and ongoing maintenance. While large enterprises often have sufficient skilled resources to support the security infrastructure, small- to medium-sized businesses sometimes struggle in this area.For the SMB market in particular, Network Security-as-a-Service is an attractive offering. It allows companies to get the very best security technology at an affordable price point while having someone else maintain the complex infrastructure.This has given rise to a genre of service provider that builds its own network backbone in the cloud and embeds network security as an integral service. More and more players are starting to offer this kind of service. They generally start with a global network backbone and software-defined wide-area networking (SD-WAN), add a full security stack, and connect to various cloud services from Amazon, Google, Microsoft, etc. Customers connect their data centers, branches, end users, and cloud apps to this network, and away they go. It’s networking, plus network security, all in one place, and all managed as a service.To read this article in full, please click here

OPAQ enables total network security from the cloud

Today’s threat landscape has led organizations to defend their networks with numerous point solutions, most of which are complex and require significant attention to operations and ongoing maintenance. While large enterprises often have sufficient skilled resources to support the security infrastructure, small- to medium-sized businesses sometimes struggle in this area.For the SMB market in particular, Network Security-as-a-Service is an attractive offering. It allows companies to get the very best security technology at an affordable price point while having someone else maintain the complex infrastructure.This has given rise to a genre of service provider that builds its own network backbone in the cloud and embeds network security as an integral service. More and more players are starting to offer this kind of service. They generally start with a global network backbone and software-defined wide-area networking (SD-WAN), add a full security stack, and connect to various cloud services from Amazon, Google, Microsoft, etc. Customers connect their data centers, branches, end users, and cloud apps to this network, and away they go. It’s networking, plus network security, all in one place, and all managed as a service.To read this article in full, please click here

Shutting down the BGP Hijack Factory

It started with a lengthy email to the NANOG mailing list on 25 June 2018: independent security researcher Ronald Guilmette detailed the suspicious routing activities of a company called Bitcanal, whom he referred to as a “Hijack Factory.”  In his post, Ronald detailed some of the Portuguese company’s most recent BGP hijacks and asked the question: why Bitcanal’s transit providers continue to carry its BGP hijacked routes on to the global internet?

This email kicked off a discussion that led to a concerted effort to kick this bad actor, who has hijacked with impunity for many years, off the internet.

Transit Providers

When presented with the most recent evidence of hijacks, transit providers GTT and Cogent, to their credit, immediately disconnected Bitcanal as a customer.  With the loss of international transit, Bitcanal briefly reconnected via Belgian telecom BICS before being disconnected once they were informed of their new customer’s reputation.

The following graphic illustrates a BGP hijack by Bitcanal via Cogent before Cogent disconnected them. Bitcanal’s announcement of 101.124.128.0/18 (Beijing Jingdong 360 Degree E-commerce) was a more-specific hijack of 101.124.0.0/16, normally announced by AS131486 (Beijing Jingdong 360 Degree E-commerce).  Continue reading

IDG Contributor Network: Protecting iOS against the aLTEr attacks

Researchers from Ruhr-Universität Bochum & New York University Abu Dhabi have uncovered a new attack against devices using the Long-Term Evolution (LTE) network protocol. LTE, which is a form of 4G, is a mobile communications standard used by billions of devices and the largest cellular providers around the world.In other words, the attack can be used against you.The research team has named the attack “aLTEr” and it allows the attacker to intercept communications using a man-in-the-middle technique and redirect the victim to malicious websites using DNS spoofing.To read this article in full, please click here

The aftermath of the Gentoo GitHub hack

Gentoo GitHub hack: What happened? Late last month (June 28), the Gentoo GitHub repository was attacked after someone gained control of an admin account. All access to the repositories was soon removed from Gentoo developers. Repository and page content were altered. But within 10 minutes of the attacker gaining access, someone noticed something was going on, 7 minutes later a report was sent, and within 70 minutes the attack was over. Legitimate Gentoo developers were shut out for 5 days while the dust settled and repairs and analysis were completed.The attackers also attempted to add "rm -rf" commands to some repositories to cause user data to be recursively removed. As it turns out, this code was unlikely to be run because of technical precautions that were in place, but this wouldn't have been obvious to the attacker.To read this article in full, please click here

The aftermath of the Gentoo GitHub hack

Gentoo GitHub hack: What happened? Late last month (June 28), the Gentoo GitHub repository was attacked after someone gained control of an admin account. All access to the repositories was soon removed from Gentoo developers. Repository and page content were altered. But within 10 minutes of the attacker gaining access, someone noticed something was going on, 7 minutes later a report was sent, and within 70 minutes the attack was over. Legitimate Gentoo developers were shut out for 5 days while the dust settled and repairs and analysis were completed.The attackers also attempted to add "rm -rf" commands to some repositories to cause user data to be recursively removed. As it turns out, this code was unlikely to be run because of technical precautions that were in place, but this wouldn't have been obvious to the attacker.To read this article in full, please click here