When it’s not DNS, it’s probably NTP
An intriguing detective story about debugging a chain of problems.
Tag: security
As the balance of security controls shifts, where does responsibility rest?
Guest Post: Increasing encryption online impedes existing methods of detecting malicious traffic. How will industry, standards, and policy settle this dilemma?
KeyTrap
Just how ‘devastating’ is the Keytrap vulnerability? How it works, and what the response has been.
SMTP smuggling — spoofing emails worldwide
Guest Post: Introducing a novel technique for email spoofing.
Crashing the party — vulnerabilities in RPKI RP software
Guest Post: Prefix hijacks are devastating to Internet stability and security.
GAC communiqués and community activity on DNS abuse
The DNS Abuse Institute launches a new level of reporting that reveals how malicious phishing and malware are distributed across the DNS registration ecosystem.
KeyTrap algorithmic complexity attacks exploit fundamental design flaw in DNSSEC
Guest Post: Researchers uncover and investigate ‘the worst attack on DNS ever discovered’.
A quantum-safe cryptography DNSSEC testbed
Guest Post: Now is the time to prepare for the future of cryptography.
Drop early, drop often: Raw vs filter iptables packet filtering
Guest Post: Examining iptables performance when filtering traffic at different processing stages within a Linux-based router.
Update on the APNIC Honeynet Network
The Community Honeynet project continues to assist network engineers and security personnel in understanding their online adversaries. What’s next?