More notes from IETF 112
Geoff Huston on currently active IETF routing security, IPv6, and transport discussions.
Tag: security
Notes from DINR 2021
Presentations at DINR 2021 demonstrated a world of detail and complexity in current DNS research.
Vulnerabilities show why STARTTLS should be avoided if possible
Guest Post: Study finds more than 40 STARTTLS-related security flaws in many different software products, both client-side and server-side.
What every IT person needs to know about OpenBSD Part 3: That packet filter
Guest Post: Useful and fun features related to the OpenBSD packet filter.
RSA vs ECDSA for DNSSEC
Measuring whether we should use ECDSA.
ALPACA attack: Analysing and mitigating cracks in TLS authentication
Guest Post: Study shows adding a TLS-protected email or FTP server to a network can enable cookie-stealing or cross-site scripting attacks against web servers in the same network.
DNS-over-TCP considered vulnerable
Guest Post: There are several ways attackers can force TCP to fragment for inclusion in IP fragmentation attacks.
What every IT person needs to know about OpenBSD Part 2: Why use OpenBSD?
Guest Post: What is OpenBSD like for a user or developer, and why is it better?
What every IT person needs to know about OpenBSD Part 1: How it all started
Guest Post: OpenBSD remains a crucial yet largely unacknowledged player in the open-source field.
Event Wrap: Cybersecurity Asia 2021 Conference
Adli Wahid gave an update on the APNIC Community Honeynet Project at the Cybersecurity Asia 2021 Conference, held online from 11 to 12 October 2021.