As protests of all kinds seem to be gaining momentum these days, it will be interesting to see what develops next with DDoS attacks.
In today's online business environment it is important that the risks are truly understood and mitigation measures put in place before attacks happen and the damage is done.
Why Can't a Product or Service Meet All My Needs??? With Professional Services, It Can!
Real people are reporting attacks and real people are responding.
As Neustar sees it, there are three key elements to dedicated DDoS protection: people, process and technology.
DDoS attacks can occur up to 7000 times a day, and the number is continuing to escalate each year. This is largely due to how easy it has become for someone to launch these attacks.
How would a managed DNS service limit exposure and help provide notification and failover capabilities? What should you even be looking for in these types of services?
They are out there. In Internet Cafes and dark rooms from New York to Hong Kong to Iran, the domain name hijackers are plotting to steal your domain names. Fortunately, there are some steps that you can take to protect yourself against losing your domain names. ...Registrars are often skeptical of claims of domain hijacking, and the hijackers often "launder" the domain names to look as if they have sold them to third parties... By the time you discover that your domain name has been stolen, it may be at its third or fourth different registrar in the name of a completely different party... more»
For some years now the general uptake of IPv6 has appeared to be "just around the corner". Yet the Internet industry has so far failed to pick up and run with this message, and it continues to be strongly reluctant to make any substantial widespread commitment to deploy IPv6. Some carriers are now making some initial moves in terms of migrating their internet infrastructure over to a dual protocol network, but for many others it's a case of still watching and waiting for what they think is the optimum time to make a move. So when should we be deploying IPv6 services? At what point will the business case for IPv6 have a positive bottom line? It's a tough question to answer, and while advice of "sometime, probably sooner than later" is certainly not wrong, it's also entirely unhelpful as well! more»
You may have seen a new proposal for a "mobile" top-level domain name for use by something called "mobile users" whatever they are. (The domain will not actually be named .mobile, rumours are they are hoping for a coveted one-letter TLD like .m "to make it easier to type on a mobile phone.) Centuries ago, as trademark law began its evolution, we learned one pretty strong rule about building rules for a name system for commerce, and even for non-commerce.
Nobody should be given ownership of generic terms. Nobody should have ownership rights in a generic word like "apple" -- not Apple Computer, not Apple Records, not the Washington State Apple Growers, not a man named John Apple. more»
VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers. This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. more»
Everyone is probably well aware of the Kashpureff-style DNS cache- poisoning exploit (I'll call this "classic cache poisoning"). For reference, see the original US-CERT advisory prompted by this exploit. Vendors patched their code to appropriately scrub (validate) responses so that caches could not be poisoned. For the next 7-8 years, we didn't hear much about cache poisoning. However, there was still a vulnerability lurking in the code, directly related to cache poisoning. ...On April 7, 2005, the SANS ISC (not to be confused with Internet Systems Consortium) posted an update detailing how Microsoft Windows DNS servers were still being poisoned, even though the "Secure cache against pollution" option was set. The SANS ISC found that Windows DNS servers using BIND4 and BIND8 servers as forwarders were being poisoned. But how could this be? more»
As a long time supporter of the universal namespace operated by IANA, it may come as a surprise that I have joined the Open Root Server Network project (ORSN). I'll try to explain what's going on and what it all means. ...If one of my kids, or anybody anywhere, sits down in front of a web browser and keys in a URL, it ought to just work. They ought to see the same web page that anybody else would see, no matter what country they're in or what their ISP wants or what their local church or government wants. This universality of naming is one of the foundations on which the Internet was built, and it is how the Internet fosters economic growth and social freedoms. It's what makes the Internet different from old Compuserve, old AOL, old MSN, old Minitel, and everything else that has come -- and gone -- before... more»
I wrote this history and analysis of domain tasting for the ICANN Business Constituency membership. It's by no means perfect but I thought I'd share it with those who would like a bit more color on the subject. "Present day 'Domain Tasting' has its roots in 2001 and 2002 when a small group of ambitious domain registrants persuaded two registrars to allow them to register large blocks of domain names for the purpose of establishing which names garnered type-in traffic..." more»
A long long time ago when the Internet was still young and most people were still using clunky Apples, PCs and mainframes; two documents were published by the Advanced Research Projects Agency (ARPA), part of the US Government's Department of Defense. They were called "RFC 821 - Simple Mail Transfer Protocol" and "RFC 822 - Standard for the format of ARPA Internet text messages" respectively. Written by the John Postel and Dave Crocker respectively, often referred to as some of the founding fathers of the Internet, they defined a simple text-based email system for the use of the fledging network then called the "ARPA Internet"... more»
DNS root servers function as part of the Internet backbone, as explained in Wikipedia, and have come under attack a number of times in the past -- although none of the attacks have ever been serious enough to severely hamper the performance of the Internet. In response to some of the common misconceptions about the physical location and total number of DNS root servers in the world, Patrik Faltstrom has put together a visual map on Google, pin-pointing the approximate location of each server around the world. more»
One topic does not appear to have a compellingly obvious localization solution in the multi-lingual world, and that is the Domain Name System (DNS). The subtle difference here is that the DNS is the glue that binds all users' language symbols together, and performing localized adaptations to suit local language use needs is not enough. What we need is a means to allow all of these language symbols to be used within the same system, or "internationalization". more»
The first salvo on NANOG this morning in response to the launch of OpenDNS was a predictable lambasting along the lines of "here comes SiteFinder II". Fortunately the follow-ups were quick to point out that OpenDNS was a far cry from SiteFinder for the obvious reason that people have the choice to use it, nobody had a choice with SiteFinder. ...the real magic here can come from it's use in phishing mitigation. more»
Please do sit down. Should the shock cause you to suddenly lose consciousness, I hereby disclaim all responsibility for any subsequent loss or injury. I'm about to defend the anthrax of the Internet: NAT. Network Address Translation is a hack to enable private IP addresses on one side of a router (inside your network) to talk to public IP addresses on the other side (on the Internet, outside your network). It really doesn't matter how it works. The consequence is that unless the router is specifically configured, outsiders can't get in uninvited. So those on the inside can't, by default, act as servers of any service to the outside world. more»
In January of this year, a frontpage article on WSJ quoted Verizon Chief Executive Ivan Seidenberg "We have to make sure they (Google) don't sit on our network and chew up our capacity". Both AT&T and Bellsouth also made similar statements in the same article. A few days ago, Verizon repeat their call to "End Google's Free Lunch": "A Verizon Communications Inc. executive yesterday accused Google Inc. of freeloading for gaining access to people's homes using a network of lines and cables the phone company spent billions of dollars to build." ...it is no surprise that Network Neutrality, a concept where broadband providers are not to discriminate rivals when they charge tolls or prioritize traffic, is now on the agenda of the US Congress. more»
Convergence as a technology concept has been around for decades. Many have predicted the convergence of electronics and entertainment, of PC's and TV's, and more recently of WiFi and cellular. All of these areas are in fact undergoing various degrees of convergence but there is another area that many are not as familiar with. It is called ENUM...The idea can be extremely useful when you consider that most telephones are limited to twelve keys on a keypad. Ever tried to enter your alphanumeric login ID and password to a web site on a cell phone or Personal Digital Assistant? It is next to impossible! The biggest impact of ENUM will probably be for Voice Over IP (VoIP). In fact, it could be the tipping point. ENUM is a really big deal. more»
Registration of .Pro domains has descended into shambles as the Registry responsible for their administration has allowed a flood of domain registrations which appear to be in breach of the strict rules restricting who can register a .pro domain and the certified credentials required before any such domain can work. more»
