Enhancing DNS Security using Dynamic Firewalling with Network Agents

Size: px
Start display at page:

Download "Enhancing DNS Security using Dynamic Firewalling with Network Agents"

Transcription

1 Proceedings of the Federated Conference on Computer Science and Information Systems pp ISBN Enhancing DNS Security using Dynamic Firewalling with Network gents Joao fonso Foundation for National Scientific Computing Lisbon, Portugal Pedro Veiga Department of Informatics University of Lisbon Lisbon, Portugal bstract In this paper we propose a solution to strengthen the security of Domain Name System (DNS) servers associated with one or more Top Level Domains (TLD). In this way we intend to be able to reduce the security risk when using major internet services, based on DNS. The proposed solution has been developed and tested at FCCN, the TLD manager for the.pt domain. Through the implementation of network sensors that monitor the network in real-time, we are capable to dynamically prevent, detect or limit the scope of attempted intrusions or other types of occurrences to the DNS service. The platform relies heavily on cross-correlation allowing data from a particular sensor to be shared with the others. dministration tasks such as setting up alarms or performing statistical analysis are made through a web-based interface. Index Terms DNS; risk; security; intrusion detection system; real-time;monitoring. O I. INTRODUCTION BSERVING internet usage and world population statistics [1] updated on March 2011, there are 30.2% internet users of the estimated world population of 6.8 billion. If we take a closer look to Europe this value increase to 58.3 %(with a growth rate of 353.1% between 2000 and 2011) and in North merica, there are 78.3 % of internet users (growth rate of 151.7% at same period), as shown in Fig. 1. Figure1. Internet penetration (% population) The DNS service is required to access , browse Web sites, and is needed for normal operation in all major services in the Internet (most of them use critical information, like e-banking). Taking care of the huge number of internet users, and the risk associated with the fact that all major applications requires the DNS service, there is a security risk needed to be reduced. DNS servers assume a pivotal role in the regular running of IP networks today and any disruption to their normal operation can have a dramatic impact on the service they provide and on the global Internet. lthough based on a small set of basic rules, stored in files, and distributed hierarchically, the DNS service has evolved into a very complex system [2]. ccording to other recent studies [3], there are nearly 11.7 million public DNS servers available on the Internet. It is estimated that 52% of them allow arbitrary queries (thus allowing the risks of denial of service attacks or poisoning of the cache). They are still nearly 33% of the cases where the authoritative nameservers of an area are on the same network, which facilitates the attacks of Denial of Service (DOS). Furthermore, the type of attacks targeting the DNS are becoming more sophisticated, making them more difficult to detect and control on time. Examples are the attacks by Fast Flux (ability to quickly move the DNS information about the domain to delay or evade detection) and its recent evolution to Double Flux [4]. central aspect of a security system is the ability to collect statistically useful information about network traffic. This information can be used to monitor the effectiveness of the protective actions, to detect trends in the collected data that might suggest a new type of attack or simply to record important parameters to help improve the performance of the service. The fact that the DNS is based on an autonomous database, distributed by hierarchy, means that whatever solution we use to monitor, it must respect this topology. In this paper we propose a distributed system using a network of sensors, which operate in conjunction with the DNS servers of one or more TLDs, monitoring in real-time the data that passes through them /$25.00 c 2011 IEEE 777

2 778 PROCEEDINGS OF THE FEDCSIS. SZCZECIN, 2011 '/DDC&CEEECD&DDDDC/ "FEDDC&E&CCD & 7D ECDE B CD&D C/ C/E EC/EDDC/ED%EC& CC7EBDECBCC/E"FC '/ DE*CD*/CEDEDE B&D& ECB & C/ C*E7 E D BC C C/ &C C DCE CC7D &CBECEDCC/DDCDDCCD*/C/E C DCE BDEC CED CCE / B C?DC EC C CDD C/ CE D E* C7 C DDDC C/ BCCD CD%BDCD% '/ EDD C/ E D CCEB * CD0E%DB7BDECDEEBDECB *E7CD2DCEB&C(=DEC#CD B* BED C/ EB CD CD 9 EC CB& E%DBCD C/ E# CD 5 C/ C C/EB D C/ CB& E &CB D& CD < EC D B BDECD E EC/E*E7 ## (8'8">)(D )C/DECCBDC/C*DCBDC/DE /C/C/E/DCEBDE*DC/CCDCB =BB +9-'/DE DCD BDDB%ED C/CEBDCDF#F"+5-*E7DCC/E*DC/CCEB GE&:G;%EDDDB(CDBC C &C :("F.; E "F DC C/D CDDCEECBC/EDBDEED F#F" HBE ECB &C E EDC&.DCED "F CED +<- D C*E7 E*DC/C DCEED *DC/C/"FE%ECDCEB'/DDCEEC CD C/C B C ED C//D/ %DDDC& BBEC/"FE%D!D?D EB "F CED CE CDDC& B "F+6-'/DCDCEBDE&BCD ECDC/ECBEBCCEDD%B D'/ DCDDDDECCB+I- 4 B DCEDCEDC*E7CEDB/DEEDB 7C EDCD CDEB E "F CECD B EC CD *D E DC C C/ "F */CB&/*DE& C/EC%DD""FCCDCDCE +,1-" D DCD E CD B &CD CCDCD&"FE%E.ECEDBC/ DDC& C E EDC B E/ DDB"F =ED BCDBCDCEBDGBC'/DC *E7DDB"FE%EEDC/EE%EC/CJCEJ DBDECDCEDE"FB DEDC EB CCB DDBC E &CDF#F"=E&+,,-'/DECDE&C DB C/ CCDCD &D E%DB DECDEEBDC/7DBCCDECB DECDD%DC//C/>BEC8/ EDC&DDBCCDECBCD%CD ###.8'K)"))EL 'CEBC/DDBCED7D"FECD C/E/DCCEC/&CC/C*/%B%DC DE%C/EDC&EEBDD&C/"F EC E%D *CB CED B EDE C/ EDD ' % "D > E E/DCCEEDDDCECB ECCDCD "FE%E*E7DCC/E*DC/%EC*E7E C/C&D%CBBDCBDE*CDCED /DC E & CBDC/C*E7 DCE C/ CED D C C/"F DECCE DBCD& CCD& /CEDDEDC/C/C*/%B%BB CCBBC/DDECDCDCCEDC/C/ DBCDDB/EDC&C/EC %E C*E7 E DCE BDEC EC C/ DECCE B?/ DECD ECB C EDC& CC7#C/D*&/*D D0DC/B D C?/ EDCD EDC& DECD C* C/ E# BBDCD C DE D EE C/D ECD/BE%CCC7E%EE DBCDDB & C/E E DD'/D ED D E%C D 7DB CC7 E BDECB C %E CC/"FDECCE DE0"DEC/BDEBCD B C D )C/D ECE*E7DC/EDC/C DBCD& CED/ C C/"F# EBE C DC C/ CCB/&C/D D C/ E/DCCE B 7 C/"F EC DDC D DC D E& C & /EDCD*/D/ D E CD %C C/ DECD CB E BDEC E B D %DC *D/CC/CBCEBD& '/CC/C*/%/C/%DCD C/ EDC& DDBC "F E C/ E EE &D C& =ED B C/ CCDC*EEC/EE CB B DECD EECB E DCD BCCD &C )E &C C/ *D C %C ECEC/CEC/D7D/BC/EE EDC&DDBC : ; = ,9+ F 109+ E 101

3 JOO FONSO, PEDRO VEIG: ENHNCING DNS SECURITY USING DYNMIC FIREWLLING WITH NETWORK GENTS 779 ECEDBEBD&DC/D )EE:); (EC C/ E CD :DC; C/C/% D% DD E* 7B C/C C/ BDCEDCB C/ BDCB D '# 'F8#4)F'(#F$'#)F) 'K8F$.F8() )$((8F8) )$(8#F.##)$K8$(#'# D, <93 BEE,113 &D:;(CD%CDC/B%DCD C/% EEBB D ECD C C/ %E E%BCCDCDBC/EDCEDB*D/C DBCDDB*D'## 'F8##4)F'(#F$'#)F) 8!8F''L# #8")'8F'#L.##)$)$(8E#!8F#FK8$(#'# 8CDECCEECCC:M (;,113 ECDCEECCCC:#M (; 913 #EEC=E&%91C<93 <93 %EE #EEC=E&%?BD<93,113 GE&%913C/%E 913 &EDD FCC/CC/CDC&C/%D%EEC/ BCEDCD EE % D% C/ D B%CBCCB 'D C* EE:E; CD D C EE D% E BDCEDCB*DC/ C/ *D/CDCBCC/CD*DDC 'F8###4>8#EK') "# 8(8F''#.8F8'>88F8K)$((8F8 C/,.DC,113 C/,KE <93 C/,"& 913 C/,>7 093 #DB:F;FEEC/CEEC7 DC/BBE EC/CD*E%B?ED, O! ND D OD DN # C/ %?ED C/ CE"!#D D EECC/EEDCC/ED C/ DECCE B C?/ DECD C/% '/ C/E CE OENCC7B CB E C/ EEC/CEECEECDEDC& DDBC #CD"CCD&C:#;>DBEBC/ C/ EC CE D E C B C/E E E CEDCB DCE EDC&DDBCECDCC/"FE%D 'F8#!4#F'8()FF8'#)F>#'K'8.)("'E'K8(8" (). #F'($#)F"8'8'#)FL'8. $% &!'!( (D)&* *% 2B3.DBB% 5<3 KD/%,113 E C/ CD%CD D DE* E*D E=DE, '/ /* %C7% =C EECEC/109P 0 '/DCDC*EEEDCEDC/ 8?CD*/ED%DDECDE C/C/EED*/D/DEDCED DDDCP 2 #C ECB C/?DCD */DC DC D C/ EDCE& *D DBEB ED%DB EC/CEC7B #C/D*&*%DBEDDC/#CEC E%D DBED C/ 7& E &B & "F C/ >/DC DC ECC 7& BBE E D 7B D DCD% %C '/D DC D ECB E EEB CCB E*DBBEDCB/EC ECCB E D BBB C C/ DE* )? D C/ DC DCE BBE BC/"FE%E# #CBEC/E%DC/DE**DB CEDC&C/*DCD, 8?BB C/ =ECD EDB B C/ ECEDP 0 '/?ED CD%CD:/EDCD; B C:CD;/7C/EEBE

4 780 PROCEEDINGS OF THE FEDCSIS. SZCZECIN, 2011 #! ())8")$'#)F + /*D D2C/DCDDBC*E7 EDC/C&CCED*DDCC/"F E%E D C/ E %DB E D%DB =ED E C/ DECDED%BEC/EEBDECEDCD EDDC*E7BBE#E/%DE D BCCB E C/E D DD /%DE E ECD C*E7 BBE DC*D 7B D C/ DE* B C/ C/EECDDBC/&CEBD&'/&C C C/ E CD E / ECD C %CC/EEC/E%E B F,!, DEBGECDEBE%EC/ DE* EBDCE BDBCC/C*C//C/ E/BD E C/"F E%E D CECB EBD C CBEB C DE* *B & DD EEBDCC/BBEC/CED7B DECD'/=EDEC/BD%EBCC/EEC &CBBCEBDC/("F.CC/CDC/&C EBC/>EC: D9; DE2F7"DEEBCD E/DECBDC/EDE*C/E*D EDB=ECDBCC/BC/DCDC/E *D %C C/ /%DE C/C E C %C C/ BBCE%C//*D DB DE9FC*E7BC* DECD CB D CEB D BC DCBD.&G+,0-'7DDCDBECDC/ B C CDDC C/ EE C/ =ED B C EBC/%DECDCEBC/BCDBD%DBB DCEBDECC '/ %ED C/ # BBE E B BCDCD:"FE%E;DCDCEEC/*B E / E DDC BC CE B DDDC DE%CDC/%EEEC/CD

5 JOO FONSO, PEDRO VEIG: ENHNCING DNS SECURITY USING DYNMIC FIREWLLING WITH NETWORK GENTS 781 '/ DECD EEBD =ED B D CEB BD&DCB7C%DBEDC/?C21B& '* C CDD C/ C C/C E B&D& DB 4 BB E E%B B DCCD C/C/%CEDEBCEC/EECECDC/ DE* BDCDE%E&CDDEDCEB '/DECDE=DEBBDCDBCCDCDC7 %E?DE D!!(DD-! '/ CCDCD DECD CB B CEB D C/ BC/DDDCCBCD#CDDE? C C E / E C/ %CD =ED E DC CD:/E B& C; B& ECCB E=C"F =ED EE C& B BCED C/ EC/CEBC/ECCD#CD DCC/CBEBB%DCDD%E *ECDCCC/CD*DC/C/C/E/DC+,9- '/ EE C/ "F EC E D EC& EB EEBD C/ E CD E E=C"CDCC&EDCEBBEDEDB DEECDE?BB! 8'$"L )E E /% BE B%C D CE 0115 C F 4*// C/ EDDDC& C EDCE B DCD C/ BD BE C/ ' '" CECCDC/EEC*EDCC/BC C/"F E%E: C C/ EDE&"F B C/E *E7DCC/E*DC/BE&"FE%E; '/C*E7&CEDC/E7+,5-BC/DE*B D# DCE +,2-'/ E CD EE* EEB D % CD C/ DECD ED%B E C/ C/E7 '/>E%EDD/*DC/K (EBD C/ M E%E +,B-* / C/ D% ECE BEDCECBCC/E '/CDECDBEDB%* C/* CE* B%B*C D C/,C E& 011< B C/ BC E C/%ED C* CBEC/,1C/.&0116CD*: D5; DE5>EC # BBDCD C C/ ECD DCED B CD CCDCD ECD C C/ ECD "F E%D /* % C/ CD EB/E D&BCCDDDCCDD%C/CC/CDCD &DE ) C/ DCD* C/ %C FEC/ CCD 'EC&)EDCCD:F');CD01,1CC/ EDB,9C0,F%E01,1 ' EB EDC& ED7 D C/ E C/#CEC D%%B D %C E E DBEB C %E*ECBBBBD&DCED%E C/ '/& *E DDB DC E CED * EC 7D %EC B DBCE&'/ BC CB & / E ECB CCE CCD E / C/ CED B BCC E DCCD EEB*/B%DCD/ECCE: D<; EDC CDDCD*E EEB D F. CE DE<.DCED"FE%DCF')%CQD01,1!# (8$' > EC/E C/ C C/ C,0 C/ BC CD:C*,C.& 011I B 2,C.& 01,1; '/%EE=CCC/EDE&"FE%E DC,I<5IIB5EB&:006E;DCEEB C< C/ C01,, '/ EE C/ BC &D EE D %,0B1 E=C EB E :DCEB%DBCB B DECBDC/BC; $DC/BCCB&C/EBEDC/DCD EDB**ECCCCDCDDECD "D& CCDCD & C& "F EC EDCE BP FE #CECDDCB BD :#"F; =EDP FEBD&=EDC#!5"FC& : D6;

6 782 PROCEEDINGS OF THE FEDCSIS. SZCZECIN, 2011 DE6CCDCD&D&#!5EEBB:; "CC? E :C/C E C EDC& DDBC; E?**E C BCC C/C D%#* D C/ EDE& ' "FE%ECDE%E '/ E =ED B*?D%*/ EB *DC/ C/ %E % E E E/D % C #CEC E%D E%DBEC/CECBEC/'BD "CCDCCDDBDBDE%D CC7*DC/C/?CDD%=ED#C,0 C/ &D C/E E,<") CC7 CEDEB '/&*EDCC&7BBBBEBD =ECD:'!; 'F8! 8M.8 >K8F'K8 8F)("8'8'8" #'$'#)F'K' (8G$#(8"'K8 #(8>($8')KFE D DD????011B9 01,,161910,9BB BB????BB52????,<,00 01,, ,0 (%????BB52????,0I9, 01,,16191BB<,B BB????BB50????,B02I 01,, <0I BB????BB50????,B,2, 01,, (%????BB52!## )F$#)FF" $'$(8>)(D '/DECD/ECB%E/CEBC/ EDC& ED7 C/ DCEC DCD C/C "F E%D)CDDBC/?DCDCDC/C C CCDCD DECD EEBD"F E%D & BBDC/DDC&CBCCBCEDC&DDBCD E CD#C BB C/ B%C ECD D BDCEDCB *& *D C/?/ DECD C* ECD E B C/ EDEC DC *EDC&%EDCDC/ECB EEC& C/ CD ECB B C * C/ ED BBE D C/#%5 EC'/ C/D C C/C B C C/D DCCD E D7B C C/ B C CDDC C/ EE C/ BC EEBE DCD 7D DC D C CE C/ BC E CCD ) D CD E % C/D D D C / C/ BCDCC/CDEDCED F%EC/ =ED B C#%5 BBE E CDBDC/DCD:C&; > E *E7D?CBD C/ BC EECD DDCD C/ &C & BBD DECD CB EC/E:DCDBCCD&CEDC; > CDDC C/C C/D B % E/ C EB DBE& C/ E DCD% B CD%+,<- (8 8(8F8 +,- #CEC $ B >EB CD CCDCD*DC + /CCQQ***DCEC*EBCCQCC/C- C B <C01,, 011< +2- " > J (C "F E%&J "F)( F%E011< +B- +9- G"F *DC +/CCQQ/CDDC6161QRC0,1990Q =B/C-CB<C01,, +5- F#F" *DC +/CCQQ***DEQEBCQF#F"- C B<C01,, +<- F "F CED.& !D?D" > "F 4"F CED CE CDDC&#">E7/&011< +I- " > J>/C F* *DC/ "J "F)( F%E011< +,1- *E FE7& FCD ECE&'B*DC /CCQQ***CBE +,,- / DEDC J CCB#DBC( &C $DF#F"GE&J0115 +,0-.&G *DC 4 :) E "C; +/CCQQ***&=-CB<C01,, +,2-# #'8( 4 'Q# DE*QF' C*E +/CCQQBQR%- C B < C01,, +,B- DCBE 8B 8?CD.D B E EC:M.;E( 2I01011B +,9- S 8BB.CDE J"%C #CECB CD E#CD"CCD.B FB "C EECDJ D E C/ #888 #FT15 #CECD E FC*E7D B E%D #FT15DD!&$&0115 +,5-'/E7 *DC 4 '/ >DE/E7 FC*E7 &CE +/CCQQ****DE/E7E-CB<C01,, +,<- '%"D('DDCED*DC/FC*E7 >F0116B C/ #8884#CECD>E7/ >DE B E FC*E7 EDC& CC $ 0I CE40)CE0116

DNS Security Control Measures: A heuristic-based Approach to Identify Real-time incidents

DNS Security Control Measures: A heuristic-based Approach to Identify Real-time incidents DNS Security Control Measures: A heuristic-based Approach to Identify Real-time incidents Joao Afonso Foundation for National Scientific Computing Lisbon, Portugal e-mail: joao.afonso@fccn.pt Pedro Veiga

More information

Protecting the DNS Infrastructure of a Top Level Domain: Real-Time monitoring with Network Sensors

Protecting the DNS Infrastructure of a Top Level Domain: Real-Time monitoring with Network Sensors Protecting the DNS Infrastructure of a Top Level Domain: Real-Time monitoring with Network Sensors loao Afonso FCCN 1 Lisbon, Portugal joao. afonso({j)fecn.pt Pedro Veiga University oflisbon Lisbon, Portugal

More information

ROY G. BIV s Color Lab: Word Color Theme Analysis, 2013 Digital FX media 2007

ROY G. BIV s Color Lab: Word Color Theme Analysis, 2013 Digital FX media 2007 Swatch Name: Office (Text/Back Dark 1 is Black. Text/Back Light 1 is White. Hyperlink is Blue (0, 0, 255), Followed Hyperlink is Purple (128, 0, 128). 31-73-125 1f497d 238-236-225 eeece1 79-129-189 4f81bd

More information

Visa Smart Debit/Credit Certificate Authority Public Keys

Visa Smart Debit/Credit Certificate Authority Public Keys CHIP AND NEW TECHNOLOGIES Visa Smart Debit/Credit Certificate Authority Public Keys Overview The EMV standard calls for the use of Public Key technology for offline authentication, for aspects of online

More information

Research Article Improving DNS Security Using Active Firewalling with Network Probes

Research Article Improving DNS Security Using Active Firewalling with Network Probes Distributed Sensor Networks Volume 2012, Article ID 684180, 7 pages doi:10.1155/2012/684180 Research Article Improving DNS Security Using Active Firewalling with Network Probes Joao Afonso 1 and Pedro

More information

EMDX3 Multifunction meter Cat No. 146 69 ModbusTable LGR EN v1.01.xls

EMDX3 Multifunction meter Cat No. 146 69 ModbusTable LGR EN v1.01.xls GENERAL MODBUS TABLE ORGANIZATION Starting of the Starting of the Group s Group s System Version (Release) System Version (Build) Group Name (Text) Group Code Group Complexity Group Version 50512 C550

More information

DATING YOUR GUILD 1952-1960

DATING YOUR GUILD 1952-1960 DATING YOUR GUILD 1952-1960 YEAR APPROXIMATE LAST SERIAL NUMBER PRODUCED 1953 1000-1500 1954 1500-2200 1955 2200-3000 1956 3000-4000 1957 4000-5700 1958 5700-8300 1959 12035 1960-1969 This chart displays

More information

South Texas Educational Technologies, Inc. TEL (956)969-3092 FAX (956)969-8614 Tomorrow s Education Today... 519 S. TEXAS BLVD WESLACO, TX 78596

South Texas Educational Technologies, Inc. TEL (956)969-3092 FAX (956)969-8614 Tomorrow s Education Today... 519 S. TEXAS BLVD WESLACO, TX 78596 South Texas Educational Technologies, Inc. TEL (956)969-3092 FAX (956)969-8614 Tomorrow s Education Today... 519 S. TEXAS BLVD WESLACO, TX 78596 The following documents are required for employment consideration.

More information

SERVER CERTIFICATES OF THE VETUMA SERVICE

SERVER CERTIFICATES OF THE VETUMA SERVICE Page 1 Version: 3.4, 19.12.2014 SERVER CERTIFICATES OF THE VETUMA SERVICE 1 (18) Page 2 Version: 3.4, 19.12.2014 Table of Contents 1. Introduction... 3 2. Test Environment... 3 2.1 Vetuma test environment...

More information

SERVER CERTIFICATES OF THE VETUMA SERVICE

SERVER CERTIFICATES OF THE VETUMA SERVICE Page 1 Version: 3.5, 4.11.2015 SERVER CERTIFICATES OF THE VETUMA SERVICE 1 (18) Page 2 Version: 3.5, 4.11.2015 Table of Contents 1. Introduction... 3 2. Test Environment... 3 2.1 Vetuma test environment...

More information

Menu. #Cours 1 #Plan 1. #Cours 2 #Plan 2. #Cours 3 #Plan 3. #Cours 4 #Plan 4. #Cours 5 #Plan 5. #Cours 6 #Plan 6. #Cours 7 #Plan 7.

Menu. #Cours 1 #Plan 1. #Cours 2 #Plan 2. #Cours 3 #Plan 3. #Cours 4 #Plan 4. #Cours 5 #Plan 5. #Cours 6 #Plan 6. #Cours 7 #Plan 7. Menu Liste des Logiciels Plan des salles #Cours 1 #Plan 1 #Cours 2 #Plan 2 #Cours 3 #Plan 3 #Cours 4 #Plan 4 #Cours 5 #Plan 5 #Cours 6 #Plan 6 #Cours 7 #Plan 7 #Cours 8 #Plan 8 #Cours 9 #Plan 9 #Libre

More information

USB HID to PS/2 Scan Code Translation Table

USB HID to PS/2 Scan Code Translation Table Key Name HID Usage Page HID Usage ID PS/2 Set 1 Make* PS/2 Set 1 Break* PS/2 Set 2 Make PS/2 Set 2 Break System Power 01 81 E0 5E E0 DE E0 37 E0 F0 37 System Sleep 01 82 E0 5F E0 DF E0 3F E0 F0 3F System

More information

DNS Cache Poisoning Vulnerability Explanation and Remedies Viareggio, Italy October 2008

DNS Cache Poisoning Vulnerability Explanation and Remedies Viareggio, Italy October 2008 DNS Cache Poisoning Vulnerability Explanation and Remedies Viareggio, Italy October 2008 Kim Davies Internet Assigned Numbers Authority Internet Corporation for Assigned Names & Numbers Agenda How do you

More information

Proceedings of the Federated Conference on Computer Science and Information Systems pp. 1005 1011

Proceedings of the Federated Conference on Computer Science and Information Systems pp. 1005 1011 Proceedings of the Federated Conference on Computer Science and Information Systems pp. 1005 1011 ISBN 978-83-60810-22-4 978-83-60810-22-4/$25.00 c 2011 IEEE 1005 1006 PROCEEDINGS OF THE FEDCSIS. SZCZECIN,

More information

CROSS REFERENCE. Cross Reference Index 110-122. Cast ID Number 110-111 Connector ID Number 111 Engine ID Number 112-122. 2015 Ford Motor Company 109

CROSS REFERENCE. Cross Reference Index 110-122. Cast ID Number 110-111 Connector ID Number 111 Engine ID Number 112-122. 2015 Ford Motor Company 109 CROSS REFERENCE Cross Reference Index 110-122 Cast ID Number 110-111 Connector ID Number 111 112-122 2015 Ford Motor Company 109 CROSS REFERENCE Cast ID Number Cast ID Ford Service # MC Part # Part Type

More information

A usage coverage based approach for assessing product family design

A usage coverage based approach for assessing product family design A usage coverage based approach for assessing product family design Jiliang Wang To cite this version: Jiliang Wang. A usage coverage based approach for assessing product family design. Other. Ecole Centrale

More information

How to create OpenDocument URL s with SAP BusinessObjects BI 4.0

How to create OpenDocument URL s with SAP BusinessObjects BI 4.0 How to create OpenDocument URL s with SAP BusinessObjects BI 4.0 Creator: Twitter: Blog: Pieter Verstraeten http://www.twitter.com/pverstraeten http://www.pieterverstraeten.com/blog Hi, Thanks for downloading

More information

2008 DNS Cache Poisoning Vulnerability Cairo, Egypt November 2008

2008 DNS Cache Poisoning Vulnerability Cairo, Egypt November 2008 2008 DNS Cache Poisoning Vulnerability Cairo, Egypt November 2008 Kim Davies Manager, Root Zone Services Internet Corporation for Assigned Names & Numbers How does the DNS work? A typical DNS query The

More information

A DIVISION OF THE MENO. Meno proposes a question: whether virtue can be taught. Three conversations or discussions following question

A DIVISION OF THE MENO. Meno proposes a question: whether virtue can be taught. Three conversations or discussions following question A DIVISION OF THE MENO 70A 70B-100B Meno proposes a question: whether virtue can be taught Three conversations or discussions following question 70B-80D Conversation on a question before Meno's: what is

More information

Security of Online Social Networks

Security of Online Social Networks Security of Online Social Networks Lehrstuhl IT-Sicherheitsmanagment Universität Siegen April 19, 2012 Lehrstuhl IT-Sicherheitsmanagment 1/36 Overview Lesson 02 Authentication Web Login Implementation

More information

SL-8800 HDCP 2.2 and HDCP 1.x Protocol Analyzer for HDMI User Guide

SL-8800 HDCP 2.2 and HDCP 1.x Protocol Analyzer for HDMI User Guide SL-8800 HDCP 2.2 and HDCP 1.x Protocol Analyzer for HDMI Simplay-UG-02003-A July 2015 Contents 1. Overview... 4 1.1. SL-8800 HDCP Protocol Analyzer Test Equipment... 4 1.2. HDCP 2.2/HDCP 1.x Protocol Analyzer

More information

A Study of Network Security Systems

A Study of Network Security Systems A Study of Network Security Systems Ramy K. Khalil, Fayez W. Zaki, Mohamed M. Ashour, Mohamed A. Mohamed Department of Communication and Electronics Mansoura University El Gomhorya Street, Mansora,Dakahlya

More information

THE MASTER LIST OF DNS TERMINOLOGY. v 2.0

THE MASTER LIST OF DNS TERMINOLOGY. v 2.0 THE MASTER LIST OF DNS TERMINOLOGY v 2.0 DNS can be hard to understand and if you re unfamiliar with the terminology, learning more about DNS can seem as daunting as learning a new language. To help people

More information

Community College of Philadelphia Calling Code 218 Employer Scan Client Approved: November 17, 2005 Region (CIRCLE) City MSA

Community College of Philadelphia Calling Code 218 Employer Scan Client Approved: November 17, 2005 Region (CIRCLE) City MSA Community College of Philadelphia Calling Code 218 Employer Scan Client Approved: November 17, 2005 Region (CIRCLE) City MSA Zip V0 V1 V2 Month/ Day/ Year of Contact: Business Name: Address: V3 City: V4

More information

LASTLINE WHITEPAPER. Using Passive DNS Analysis to Automatically Detect Malicious Domains

LASTLINE WHITEPAPER. Using Passive DNS Analysis to Automatically Detect Malicious Domains LASTLINE WHITEPAPER Using Passive DNS Analysis to Automatically Detect Malicious Domains Abstract The domain name service (DNS) plays an important role in the operation of the Internet, providing a two-way

More information

Advanced Encryption Standard by Example. 1.0 Preface. 2.0 Terminology. Written By: Adam Berent V.1.7

Advanced Encryption Standard by Example. 1.0 Preface. 2.0 Terminology. Written By: Adam Berent V.1.7 Written By: Adam Berent Advanced Encryption Standard by Example V.1.7 1.0 Preface The following document provides a detailed and easy to understand explanation of the implementation of the AES (RIJNDAEL)

More information

Application Note RMF Magic 5.1.0: EMC Array Group and EMC SRDF/A Reporting. July 2009

Application Note RMF Magic 5.1.0: EMC Array Group and EMC SRDF/A Reporting. July 2009 Application Note RMF Magic 5.1.0: EMC Array Group and EMC SRDF/A Reporting July 2009 Summary: This Application Note describes the new functionality in RMF Magic 5.1 that enables more effective monitoring

More information

BIND 10 the next BIG thing

BIND 10 the next BIG thing BIND 10 the next BIG thing What is it? BIND10 will be the next step in the evolution of DNS & DHCP More evolution than revolution in the code sense More revolution than evolution in the UI sense Product

More information

Advanced Encryption Standard by Example. 1.0 Preface. 2.0 Terminology. Written By: Adam Berent V.1.5

Advanced Encryption Standard by Example. 1.0 Preface. 2.0 Terminology. Written By: Adam Berent V.1.5 Written By: Adam Berent Advanced Encryption Standard by Example V.1.5 1.0 Preface The following document provides a detailed and easy to understand explanation of the implementation of the AES (RIJNDAEL)

More information

english parliament of finland

english parliament of finland gh f fd 213 P cvd f h f y f h g 4 Fby 213. E H (Sc Dcc Py) w -cd S, P Rv (N C Py) F Dy S d A Jh (Th F Py) Scd Dy S. Th g c c 5 Fby, wh Pd f h Rbc S Nö d P f h f fwg h c 212. P g dc c 12 Fby h b f P M c.

More information

Distributed Denial of Service Attacks

Distributed Denial of Service Attacks Distributed Denial of Service Attacks Steve Crocker Chair, SSAC June 25, 2007 San Juan, Puerto Rico 1 Agenda Types of Attacks DDoS attacks Amplified DDoS attacks - 2006 Estonia - May 2007 What do Do 2

More information

0242-1. HSR TRAINING COURSE REQUIREMENTS HSR Training Course Guidance Booklet 2

0242-1. HSR TRAINING COURSE REQUIREMENTS HSR Training Course Guidance Booklet 2 0242-1 HSR TRAINING COURSE REQUIREMENTS HSR Training Course Guidance Booklet 2 SafeWork SA 2 Contents Introduction... 4 Learning resources... 4 PART 1 UNDERPINNING PRINCIPLES FOR THE DEVELOPMENT OF A SAFEWORK

More information

Privacy-preserving Analysis Technique for Secure, Cloud-based Big Data Analytics

Privacy-preserving Analysis Technique for Secure, Cloud-based Big Data Analytics 577 Hitachi Review Vol. 63 (2014),. 9 Featured Articles Privacy-preserving Analysis Technique for Secure, Cloud-based Big Data Analytics Ken Naganuma Masayuki Yoshino, Ph.D. Hisayoshi Sato, Ph.D. Yoshinori

More information

DIRIS A40/A41 RS485 JBUS/MODBUS. Operating instructions F GB D I NL E P

DIRIS A40/A41 RS485 JBUS/MODBUS. Operating instructions F GB D I NL E P DIRIS A40/A41 RS485 JBUS/MODBUS Operating instructions F GB D I NL E P COM DIRIS A40/A41 - Ref.: 536 103 A GB GB Contents PRELIMINARY OPERATIONS 4 GENERAL INFORMATION 4 INSTALLATION 5 CONNECTION 5 PROGRAMMING

More information

Dušan Bernát (bernat@fiit.stuba.sk)

Dušan Bernát (bernat@fiit.stuba.sk) Domain Name System as a Memory and Communication Medium Dušan Bernát (bernat@fiit.stuba.sk) Institute of Computer Systems and Networks, Faculty of Informatics and Information Technology, STU Bratislava,

More information

MAC Address Management

MAC Address Management D MAC Address Management Contents Overview.................................................... D-2.................................. D-3 Menu: Viewing the Switch s MAC Addresses.................... D-4

More information

The colors in the Federal Standard set have no official names, just five-digit numbers. Any names given below are generic.

The colors in the Federal Standard set have no official names, just five-digit numbers. Any names given below are generic. Federal Standard 595 Paint Spec Information The following information is made available to our customers as a reference point only. See below for how to request the 595 specification from the US Government.

More information

Report of Independent Accountant on SSL CORP d/b/a SSL.COM CA s Root Key Generation

Report of Independent Accountant on SSL CORP d/b/a SSL.COM CA s Root Key Generation Tel: 314-889-1100 Fax: 314-889-1101 www.bdo.com 101 South Hanley Road, Suite 800 St. Louis, MO 63105 Report of Independent Accountant on SSL CORP d/b/a SSL.COM CA s Root Key Generation To The Management

More information

english parliament of finland

english parliament of finland gh f fd 2012 P cvd f h f y f h g Mdy, 6 Fby 2012. A h d MP, K T hd h ch h c f h S. E H (Sc Dcc Py) w -cd S, P Rv (N C Py) F Dy S d A Jh (F Py) Scd Dy S. Th g c c Tdy, 7 Fby, whch Pd f h Rbc Tj H d P f

More information

Luxembourg (Luxembourg): Trusted List

Luxembourg (Luxembourg): Trusted List Luxembourg (Luxembourg): Trusted List Institut Luxembourgeois de la Normalisation, de l'accréditation de la Sécurité et qualité des produits et services Scheme Information TSL Version 4 TSL Sequence Number

More information

Root zone update for TLD managers Mexico City, Mexico March 2009

Root zone update for TLD managers Mexico City, Mexico March 2009 Root zone update for TLD managers Mexico City, Mexico March 2009 Kim Davies Manager, Root Zone Services Internet Corporation for Assigned Names & Numbers A quick census 280 delegated 11 testing 280 delegated

More information

Name. Description. Rationale

Name. Description. Rationale Complliiance Componentt Description DEEFFI INITION Network-Based Intrusion Detection Systems (NIDS) Network-Based Intrusion Detection Systems (NIDS) detect attacks by capturing and analyzing network traffic.

More information

Global Server Load Balancing

Global Server Load Balancing White Paper Overview Many enterprises attempt to scale Web and network capacity by deploying additional servers and increased infrastructure at a single location, but centralized architectures are subject

More information

Pattern Co. Monkey Trouble Wall Quilt. Size: 48" x 58"

Pattern Co. Monkey Trouble Wall Quilt. Size: 48 x 58 .............................................................................................................................................. Pattern Co..........................................................................................

More information

Modbus Register Map: Environmental Management System and Environmental Monitoring Unit 990-0589A 02/2005

Modbus Register Map: Environmental Management System and Environmental Monitoring Unit 990-0589A 02/2005 // Version 102 //Absolute Starting Register Number, (Hexadecimal) Modbus Register Map: Environmental Management System and Environmental Monitoring Unit 990-0589A 02/2005 Absolute Starting Register Number,

More information

KALE: A High-Degree Algebraic-Resistant Variant of The Advanced Encryption Standard

KALE: A High-Degree Algebraic-Resistant Variant of The Advanced Encryption Standard KALE: A High-Degree Algebraic-Resistant Variant of The Advanced Encryption Standard Dr. Gavekort c/o Vakiopaine Bar Kauppakatu 6, 41 Jyväskylä FINLAND mjos@iki.fi Abstract. We have discovered that the

More information

Lesson 13: DNS Security. Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division

Lesson 13: DNS Security. Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division Lesson 13: DNS Security Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division Introduction to DNS The DNS enables people to use and surf the Internet, allowing the translation

More information

PCI Security Scan Procedures. Version 1.0 December 2004

PCI Security Scan Procedures. Version 1.0 December 2004 PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting

More information

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3. Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System

More information

Mission 1: The Bot Hunter

Mission 1: The Bot Hunter Mission 1: The Bot Hunter Mission: Interpol have asked the BSidesLondon Unhackable Mission Force to penetrate and shut down a notorious botnet. Our only clue is a recovered bot executable which we hope

More information

THE MASTER LIST OF DNS TERMINOLOGY. First Edition

THE MASTER LIST OF DNS TERMINOLOGY. First Edition THE MASTER LIST OF DNS TERMINOLOGY First Edition DNS can be hard to understand and if you re unfamiliar with the terminology, learning more about DNS can seem as daunting as learning a new language. To

More information

Securing Web Applications...at the Network Layer

Securing Web Applications...at the Network Layer Securing Web Applications......at the Network Layer OWASP Spain Chapter Meeting 16 th June, 2006 Barcelona (ES) Carlos Fragoso Mariscal Chief Technical Director carlos@jessland.net Securing Web Applications

More information

Computer Networks: Domain Name System

Computer Networks: Domain Name System Computer Networks: Domain Name System Domain Name System The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses DNS www.example.com 208.77.188.166 http://www.example.com

More information

I Have...Who Has... Multiplication Game

I Have...Who Has... Multiplication Game How to play the game: Distribute the cards randomly to your students. Some students may get more than one card. Select a student to begin by reading their card aloud. (example: 35. who has 4x4?) 35 4 x

More information

Geometry Handout 2 ~ Page 1

Geometry Handout 2 ~ Page 1 1. Given: a b, b c a c Guidance: Draw a line which intersects with all three lines. 2. Given: a b, c a a. c b b. Given: d b d c 3. Given: a c, b d a. α = β b. Given: e and f bisect angles α and β respectively.

More information

PROFESSIONAL SECURITY SYSTEMS

PROFESSIONAL SECURITY SYSTEMS PROFESSIONAL SECURITY SYSTEMS Security policy, active protection against network attacks and management of IDP Introduction Intrusion Detection and Prevention (IDP ) is a new generation of network security

More information

3. April 2013 IT ZERTIFIKATE. Zertifizierungsstellen / Certification Center. IT Sicherheit UNTERNEHMENSBEREICH IT

3. April 2013 IT ZERTIFIKATE. Zertifizierungsstellen / Certification Center. IT Sicherheit UNTERNEHMENSBEREICH IT IT Sicherheit UNTERNEHMENSBEREICH IT IT ZERTIFIKATE 3. April 2013 Zertifizierungsstellen / Certification Center D-TRUST D-Trust Root Class 2 CA2007 Aussteller/Issuer: D-TRUST Root Class 2 CA 2007 Gültig

More information

!! Last configuration change at 15:00:48 gmt Thu Oct 11 2012 by admin! NVRAM config last updated at 03:07:42 gmt Wed Nov 14 2012 by admin!

!! Last configuration change at 15:00:48 gmt Thu Oct 11 2012 by admin! NVRAM config last updated at 03:07:42 gmt Wed Nov 14 2012 by admin! Last configuration change at 15:00:48 gmt Thu Oct 11 2012 by admin NVRAM config last updated at 03:07:42 gmt Wed Nov 14 2012 by admin version 12.2 no service pad service timestamps debug datetime msec

More information

DOMAIN NAME SECURITY EXTENSIONS

DOMAIN NAME SECURITY EXTENSIONS DOMAIN NAME SECURITY EXTENSIONS The aim of this paper is to provide information with regards to the current status of Domain Name System (DNS) and its evolution into Domain Name System Security Extensions

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Security Scanning Procedures Version 1.1 Release: September 2006 Table of Contents Purpose...1 Introduction...1 Scope of PCI Security Scanning...1 Scanning

More information

Log Analysis: Overall Issues p. 1 Introduction p. 2 IT Budgets and Results: Leveraging OSS Solutions at Little Cost p. 2 Reporting Security

Log Analysis: Overall Issues p. 1 Introduction p. 2 IT Budgets and Results: Leveraging OSS Solutions at Little Cost p. 2 Reporting Security Foreword p. xvii Log Analysis: Overall Issues p. 1 Introduction p. 2 IT Budgets and Results: Leveraging OSS Solutions at Little Cost p. 2 Reporting Security Information to Management p. 5 Example of an

More information

EMV (Chip-and-PIN) Protocol

EMV (Chip-and-PIN) Protocol EMV (Chip-and-PIN) Protocol Märt Bakhoff December 15, 2014 Abstract The objective of this report is to observe and describe a real world online transaction made between a debit card issued by an Estonian

More information

HTML Codes - Characters and symbols

HTML Codes - Characters and symbols ASCII Codes HTML Codes Conversion References Control Characters English version Versión español Click here to add this link to your favorites. HTML Codes - Characters and symbols Standard ASCII set, HTML

More information

SANE: A Protection Architecture For Enterprise Networks

SANE: A Protection Architecture For Enterprise Networks Fakultät IV Elektrotechnik und Informatik Intelligent Networks and Management of Distributed Systems Research Group Prof. Anja Feldmann, Ph.D. SANE: A Protection Architecture For Enterprise Networks WS

More information

HTML Example. List. x-large xx-large. TCPDF Example 006 by Nicola Asuni - Tecnick.com www.tcpdf.org

HTML Example. List. x-large xx-large. TCPDF Example 006 by Nicola Asuni - Tecnick.com www.tcpdf.org HTML Example Some special characters: < & è è > \slash \\double-slash \\\triple-slash List List example: 1. test image 2. bold text 3. italic text 4. underlined text 5. bbibiubib 6. link to http://www.tecnick.com

More information

The SIEM Evaluator s Guide

The SIEM Evaluator s Guide Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,

More information

ÉVALUATION DU RISQUE POUR LA SÉCURITÉ DES RÉSEAUX ÉLECTRIQUE FACE AUX ÉVÉNEMENTS INTENTIONNELS

ÉVALUATION DU RISQUE POUR LA SÉCURITÉ DES RÉSEAUX ÉLECTRIQUE FACE AUX ÉVÉNEMENTS INTENTIONNELS ÉVALUATION DU RISQUE POUR LA SÉCURITÉ DES RÉSEAUX ÉLECTRIQUE FACE AUX ÉVÉNEMENTS INTENTIONNELS Carolina Tranchita To cite this version: Carolina Tranchita. ÉVALUATION DU RISQUE POUR LA SÉCURITÉ DES RÉSEAUX

More information

Why an Intelligent WAN Solution is Essential for Mission Critical Networks

Why an Intelligent WAN Solution is Essential for Mission Critical Networks Why an Intelligent WAN Solution is Essential for Mission Critical Networks White Paper Series WP100135 Charles Tucker Director of Marketing June 1, 2006 Abstract: Reliable Internet connectivity is now

More information

EECS 489 Winter 2010 Midterm Exam

EECS 489 Winter 2010 Midterm Exam EECS 489 Winter 2010 Midterm Exam Name: This is an open-book, open-resources exam. Explain or show your work for each question. Your grade will be severely deducted if you don t show your work, even if

More information

System Specification. Author: CMU Team

System Specification. Author: CMU Team System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect

More information

ASCII CODES WITH GREEK CHARACTERS

ASCII CODES WITH GREEK CHARACTERS ASCII CODES WITH GREEK CHARACTERS Dec Hex Char Description 0 0 NUL (Null) 1 1 SOH (Start of Header) 2 2 STX (Start of Text) 3 3 ETX (End of Text) 4 4 EOT (End of Transmission) 5 5 ENQ (Enquiry) 6 6 ACK

More information

Gameover Zeus Bad Guys and Backends

Gameover Zeus Bad Guys and Backends Gameover Zeus Bad Guys and Backends Elliott Peterson, Michael Sandee, Tillmann Werner August 5, 2015 Cui Honorem, Honorem Dr. Brett Stone-Gross, Dell SecureWorks Frank Ruiz, Fox-IT Dr. Christian Rossow,

More information

Research Article Engineering Change Orders Design Using Multiple Variables Linear Programming for VLSI Design

Research Article Engineering Change Orders Design Using Multiple Variables Linear Programming for VLSI Design VLSI Design, rticle ID 698041, 5 pages http://dx.doi.org/10.1155/2014/698041 Research rticle Engineering Change Orders Design Using Multiple Variables Linear Programming for VLSI Design Yu-Cheng Fan, Chih-Kang

More information

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions Find your network example: 1. Basic network with and 2 WAN lines - click here 2. Add a web server to the LAN - click here 3. Add a web,

More information

Current Counter-measures and Responses by the Domain Name System Community

Current Counter-measures and Responses by the Domain Name System Community Current Counter-measures and Responses by the Domain Name System Community Paul Twomey President and CEO 22 April 2007 APEC-OECD Malware Workshop Manila, The Philippines 1 What I want to do today in 15

More information

Measures to Protect (University) Domain Registrations and DNS Against Attacks. Dave Piscitello, ICANN dave.piscitello@icann.org

Measures to Protect (University) Domain Registrations and DNS Against Attacks. Dave Piscitello, ICANN dave.piscitello@icann.org Measures to Protect (University) Domain Registrations and DNS Against Attacks Dave Piscitello, ICANN dave.piscitello@icann.org Why are we talking about Domain names and DNS? Domain names and URLs define

More information

The current version of this document can always be found at http://www.nic.cz/csirt.

The current version of this document can always be found at http://www.nic.cz/csirt. 1 RFC 2350 1.1 1. Document Information This document contains a description of CZ.NIC-CSIRT according to RFC 2350. It provides basic information about the CSIRT team, the ways it can be contacted, describes

More information

NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS. Medical Professional Issues

NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS. Medical Professional Issues NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS COURSE IDENTIFICATION Course Code/Number: ALMA 110 Course Title: Medical Professional Issues Division: Applied Science (AS) Liberal Arts (LA) Workforce

More information

Lab 4 Domain Name System - DNS CMPE 150

Lab 4 Domain Name System - DNS CMPE 150 Lab 4 Domain Name System - DNS CMPE 150 Lab Report Reports must be written and submitted individually as PDFs. Submission Instructions: Submit your report on the ecommons by 11:55 PM on the day of your

More information

Tools for penetration tests 1. Carlo U. Nicola, HT FHNW With extracts from documents of : Google; Wireshark; nmap; Nessus.

Tools for penetration tests 1. Carlo U. Nicola, HT FHNW With extracts from documents of : Google; Wireshark; nmap; Nessus. Tools for penetration tests 1 Carlo U. Nicola, HT FHNW With extracts from documents of : Google; Wireshark; nmap; Nessus. What is a penetration test? Goals: 1. Analysis of an IT-environment and search

More information

The Impact of DNSSEC. Matthäus Wander. on the Internet Landscape. Duisburg, June 19, 2015

The Impact of DNSSEC. Matthäus Wander. on the Internet Landscape. <matthaeus.wander@uni-due.de> Duisburg, June 19, 2015 The Impact of DNSSEC on the Internet Landscape Matthäus Wander Duisburg, June 19, 2015 Outline Domain Name System Security problems Attacks in practice DNS Security Extensions

More information

Internet Monitoring via DNS Traffic Analysis. Wenke Lee Georgia Institute of Technology

Internet Monitoring via DNS Traffic Analysis. Wenke Lee Georgia Institute of Technology Internet Monitoring via DNS Traffic Analysis Wenke Lee Georgia Institute of Technology 0 Malware Networks (Botnets) 1 From General-Purpose to Targeted Attacks 11/14/12 2 Command and Control l Botnet design:

More information

DOMAIN NAME SYSTEM (DNS)

DOMAIN NAME SYSTEM (DNS) CPNI viewpoint 01/2008 DOMAIN NAME SYSTEM (DNS) may 2008 Abstract This Viewpoint considers some of the security considerations of the Domain Name System and makes some observations regarding how organisations

More information

Service following and traffic announcements technical trial April 2013

Service following and traffic announcements technical trial April 2013 Service following and traffic announcements technical trial April 2013 Contents 1.0 Summary of results 1.1 Background 1.2 Trial objectives 1.3 Service following 1.4 Announcement switching 2.0 The trial

More information

T360 Barbecue. Assembly Manual. 85-3052-6 (G30531) Propane 1 YEAR LIMITED WARRANTY

T360 Barbecue. Assembly Manual. 85-3052-6 (G30531) Propane 1 YEAR LIMITED WARRANTY T360 Barbecue Assembly Manual 85-3052-6 (G30531) Propane 1 YEAR LIMITED WARRANTY READ AND SAVE MANUAL FOR FUTURE REFERENCE. If pre-assembled, leave this manual with unit for consumer s future reference.

More information

APPENDIX A: ERROR CODES

APPENDIX A: ERROR CODES APPENDIX A: ERROR 20001 Unable to load a Remove and replace cassette Check the micro-switch located on the inside left wall of the 20002 Low Cash. Replenish the cash If using less than 75 bills, disable

More information

Classifying DNS Heavy User Traffic by using Hierarchical Aggregate Entropy. 2012/3/5 Keisuke Ishibashi, Kazumichi Sato NTT Service Integration Labs

Classifying DNS Heavy User Traffic by using Hierarchical Aggregate Entropy. 2012/3/5 Keisuke Ishibashi, Kazumichi Sato NTT Service Integration Labs Classifying DNS Heavy User Traffic by using Hierarchical Aggregate Entropy 2012/3/5 Keisuke Ishibashi, Kazumichi Sato NTT Service Integration Labs Motivation Network resources are consumed by a small number

More information

BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE

BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE Your external DNS is a mission critical business resource. Without

More information

A Review on Intrusion Detection System to Protect Cloud Data

A Review on Intrusion Detection System to Protect Cloud Data A Review on Intrusion Detection System to Protect Cloud Data Shivani Arora 1, Rajesh Kumar Bawa 2 M.Tech Student 1, Associate Professor 2 Department of Computer Science, Punjabi University Patiala 1, 2

More information

WHITE PAPER. DNS: Key Considerations Before Deploying Your Solution

WHITE PAPER. DNS: Key Considerations Before Deploying Your Solution WHITE PAPER DNS: Key Considerations Before Deploying Your Solution TABLE OF CONTENTS What is DNS?... 2 Why Does DNS Matter?... 2 Options for building a DNS infrastructure... 3 How to Choose the Right DNS

More information

WAN Traffic Management with PowerLink Pro100

WAN Traffic Management with PowerLink Pro100 Whitepaper WAN Traffic Management with PowerLink Pro100 Overview In today s Internet marketplace, optimizing online presence is crucial for business success. Wan/ISP link failover and traffic management

More information

web hosting and domain names

web hosting and domain names web hosting and domain names web hosting An internet service provider (ISP) provides internet services A common internet service is web hosting web hosting means storing your website on a public server

More information

Types of hypertext. Hypertext documents can either be 1.Static 2.Dynamic

Types of hypertext. Hypertext documents can either be 1.Static 2.Dynamic Hypertext Hypertext is text displayed on a computer or other electronic device with references (hyperlinks) to other text that the reader can immediately access, usually by a mouse click or key press sequence.

More information

Why contribute passive DNS data to ISC?

Why contribute passive DNS data to ISC? Join The Global Passive DNS (pdns) Network Today & Gain Effective Tools To Fight Against Cyber Crime Why contribute passive DNS data to ISC? ISC - the Public Benefit Company that works to sustain the spirit

More information

A Plan for the Continued Development of the DNS Statistics Collector

A Plan for the Continued Development of the DNS Statistics Collector A Plan for the Continued Development of the DNS Statistics Collector Background The DNS Statistics Collector ( DSC ) software was initially developed under the National Science Foundation grant "Improving

More information

DoS: Attack and Defense

DoS: Attack and Defense DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches

More information

.Masr IDN registry system. National Telecom Regulatory Authority Of EGYPT ( NTRA ) ( 20 Min )

.Masr IDN registry system. National Telecom Regulatory Authority Of EGYPT ( NTRA ) ( 20 Min ) ). مصر (.Masr IDN registry system National Telecom Regulatory Authority Of EGYPT ( NTRA ) ( 20 Min ) If you talk to a man in a language he understands, that goes to his head. If you talk to him in his

More information

CS-150L Computing for Business Students Future Value of a Retirement Annuity

CS-150L Computing for Business Students Future Value of a Retirement Annuity CS-150L Computing for Business Students Future Value of a Retirement Annuity Instructor: Matthew Barrick e-mail: barrick@cs.unm.edu www.cs.unm.edu/~barrick Office: Farris Engineering Center (FEC) room

More information

NetFlow use cases. ICmyNet / NetVizura. Miloš Zeković, milos.zekovic@soneco.rs. ICmyNet Chief Customer Officer Soneco d.o.o.

NetFlow use cases. ICmyNet / NetVizura. Miloš Zeković, milos.zekovic@soneco.rs. ICmyNet Chief Customer Officer Soneco d.o.o. NetFlow use cases ICmyNet / NetVizura, milos.zekovic@soneco.rs Soneco d.o.o. Serbia Agenda ICmyNet / NetVizura overview Use cases / case studies Statistics per exporter/interfaces Traffic Patterns NREN

More information

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323

More information