Cybersecurity

Sponsored
by

Cybersecurity / Featured Blogs

98% Of Internet's Main Root Server Queries Are Unnecccary: Should You Be Concerned?

A recent study by researchers at the Cooperative Association for Internet Data Analysis (CAIDA) at the San Diego Super Computer Center (SDSC) revealed that a staggering 98% of the global Internet queries to one of the main root servers, at the heart of the Internet, were unnecessary. This analysis was conducted on data collected October 4, 2002 from the 'F' root server located in Palo Alto, California.

The findings of the study were originally presented to the North American Network Operators' Group (NANOG) on October 2002 and later discussed with Richard A. Clarke, chairman of the President's Critical Infrastructure Protection Board and Special Advisor to the U.S. President for Cyber Space Security. more

United Nations vs. ICANN: One ccTLD At A Time

What happens if ICANN fails? Who will run the DNS then?

Of course to many, ICANN already has failed -- spectacularly so. Critics have long complained that ICANN not only lacks accountability and legitimacy, but also that it is inefficient (at best) and downright destructive (at worst). According to these critics, ICANN's many sins include threatening the stability of the Internet, limiting access by imposing an artificial domain name scarcity, and generally behaving like a petulant dictator. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part II

In Part I of this article I set the stage for our discussion and overviewed the October 21st DDoS attacks on the Internet's 13 root name servers. In particular, I highlighted that the attacks were different this time, both in size and scope, because the root servers were attacked at the same time. I also highlighted some of the problems associated with the Domain Name System and the vulnerabilities inherent in BIND. Part II of this article takes our discussion to another level by critically looking at alternatives and best practices that can help solve the security problems we've raised. more

Preventing Future Attacks: Alternatives In DNS Security Management - Part I

The October 21 DDoS attacks against the 13 root-name servers containing the master domain list for the Internet's Domain Name System (DNS), (which reportedly took offline 9 of the 13 servers) remain a clear and daunting reminder of the vulnerabilities associated with online security. Many DNS authorities have named the most recent hit the largest DDoS attack against the root server system. Chris Morrow, network security engineer for UUNET, the service provider for two of the world's 13 root servers, recently told The Washington Post... more

Privacy Matters: Is It Time To Abolish The WHOIS Database?

Recently, I entered my domain name in a "WHOIS" database query to test the results of the database by using WHOIS on a number of domain name registrar websites. WHOIS is a database service that allows Internet users to look up a number of matters associated with domain names, including the full name of the owner of a domain name, the name of the domain name hosting service, the Internet Protocol or I.P. number(s) corresponding to the domain name, as well as personally identifying information on those who have registered domain names. I was astonished to find... more

Parsing Hype From Hope: Will ENUM Spark Changes In Telecom?

In the beginning there was silence; then, silence begat communication, and communication begat more communication and, ultimately, group communication formed and begat a primordial "network" of communication that gradually and inevitably increased in effectiveness and complexity: there were only signal fires at first but, then, there were cave drawings, carrier pigeons, shouting from hill-tops, smoke from fire, lines of cannon fire, the telegraph, Alexander Graham Bell, and, finally, the network of networks known as the Internet. But, is that it? Is there not something more impressive in its impact upon communication than the Internet? What more might one desire than the dynamic wonders of the Internet, you ask? Well, what about ENUM? "E-What!?" more

Domain Name Theft, Fraud And Regulations

When it comes to domain name disputes, no domain name has captured more media attention than sex.com. Of course, disputes about sex often obtain a great deal of attention, and the sex.com domain name dispute can grab its share of headlines because the case involves sex, theft, declared bankruptcy, a once-thriving Internet porn business, and fraud, instead of the typical cybersquatting allegations. Indeed, this case is remarkable for its potential impact on the development of caselaw concerning whether there is a valid basis to assume that trademark interests should overwhelm all non-commercial interests in the use of domain names. The answer is no, but the caselaw to support that answer is in tension with cases that strongly imply a contrary conclusion. more

ICANN And The DOC Can't

The former contract with ICANN and the US Department of Commerce (DOC) was due to expire on September 30, 2002. In the statement announcing the renewal, the DOC acknowledged that ICANN was the subject of many complaints from many sectors of the Internet community. Some of these complaints had been presented to the US Congress during a hearing held in June 2002 by a Senate Subcommittee. At the hearing, a General Accounting Office (GAO) spokesperson, Peter Guerrero, testified, noting not only that ICANN had failed in its mandate, but that the U.S. Department of Commerce was also at fault in failing to properly oversee ICANN activities. He explains... more

Have You Monitored Your DNS Performance Lately?

Domain Name System (DNS) surveys such as that recently conducted by Men & Mice continually demonstrate that the DNS is riddled with errors. Since the DNS continues to work, this raises three questions:

1. Does it matter that the DNS is riddled with errors?
2. Why is it riddled with errors?
3. How can it be fixed? more

Industry Updates

Mobile Apps Take the Lead, Scammers Follow

The High Cost Of Privacy In A Post-GDPR World

How Threat Intelligence Software Can Help Prevent Breaches Caused by Server Misconfigurations

The Louisiana State Ransomware Attack: Enhancing Cyberdefense with Reverse IP Address Lookup

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

Billtrust Breach: Can Threat Intelligence Platforms Help with Ransomware Prevention?

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

BriansClub & PoS Malware Attacks: How Threat Intelligence Solutions Help Prevent Payment Card Theft

How Reverse WHOIS Search Can Help Protect Against MegaCortex and Other Ransomware

The Web.com Data Breach: A Quick Investigation with Domain Reputation Lookup

Do Security Service Providers Need Their Own Data Scientists?

SOAR Versus SIEM: The Fundamental Differences

Being Cybersecure Is Not Enough, Become Cyber-Resilient Instead