“Unless we’re willing to rethink today’s Internet,” says Nick McKeown, a Stanford engineer involved in building a new Internet, “we’re just waiting for a series of public catastrophes.”
That was driven home late last year, when a malicious software program thought to have been unleashed by a criminal gang in Eastern Europe suddenly appeared after easily sidestepping the world’s best cyberdefenses. Known as Conficker, it quickly infected more than 12 million computers, ravaging everything from the computer system at a surgical ward in England to the computer networks of the French military.
Do We Need a New Internet? - NYTimes.com
Internet, Security
Australian Geoff Huston is one of the foremost authorities on Internet routing and scaling issues. We sent Huston a few questions about the U.S. government’s plan to bolster R&D to secure the Internet’s core routing protocol, the Border Gateway Protocol (BGP).
Detecting Internet routing “lies” - Network World
Internet, Security
The U.S. federal government is accelerating its efforts to secure the Internet’s routing system, with plans this year for the Department of Homeland Security to quadruple its investment in research aimed at adding digital signatures to router communications.DHS says its routing security effort will prevent routing hijack attacks as well as accidental misconfigurations of routing data. The effort is nicknamed BGPSEC because it will secure the Internet’s core routing protocol known as the Border Gateway Protocol (BGP). (A separate federal effort is under way to bolster another Internet protocol, DNS, and it is called DNSSEC.)
U.S. plots major upgrade to Internet router security - Network World
Internet, Security
Galois is pleased to announce that Cryptol, the language of cryptography, is now available to the public!
Cryptol is a domain specific language for the design, implementation and verification of cryptographic algorithms, developed over the past decade by Galois for the United States National Security Agency. It has been used successfully in a number of projects, and is also in use at Rockwell Collins, Inc.
Galois › Blog › Blog » Cryptol, the language of cryptography, now available
Security
brothke writes …
“The 1962 song Wipe Out, with its energetic drum solo started, was the impetus for many people to take up playing the drums. Similarly, Nmap, the legendary network scanner, likely interested many in the art of hacking, and for some, started a career for security professionals and hackers. Nmap and its creator Fyodor need no introduction to anyone on Slashdot. With that, Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning, is a most useful guide to anyone interested in fully utilizing Nmap.”
Slashdot | Nmap Network Scanning
Security
Craig Labovitz writes …
Growing financial pressures, unforeseen threats, and a volatile and rapidly changing business landscape — apt descriptions for both the world economy and this years Worldwide Infrastructure Security Survey.
Arbor Networks once again has completed a survey of the largest ISPs and content providers around the world. Some 70 lead security engineers responded to 90 questions covering a spectrum of Internet backbone security threats and engineering challenges. This fourth annual survey covered the 12-month period from August 2007 through July 2008.
A copy of the full report is available at http://www.arbornetworks.com/report
2008 Internet Security Report | Security to the Core | Arbor Networks Security
Internet, Security
Brian Krebs writes …
Over the past week, a number of the Internet’s largest data carriers have ceased providing online connectivity to Atrivo (a.k.a. “Intercage”), an ISP that security experts say is home to a huge number of scammers and spammers. This week, I’m turning the spotlight on EstDomains Inc., Atrivo’s most important customer and the single biggest reason so many experts have condemned Atrivo.According to RegistrarStats.com, EstDomains is the 49th largest domain name registrar, with more than 270,000 domains. Security Fix is still working on cataloging all of those domains, but for the purposes of this analysis we’ll examine some 10,000 Web site names that are both registered through EstDomains and using the company’s various domain name servers to route traffic to them.I chose to focus on that particular subset of 10,000 domains mainly so that EstDomains could not simply disavow knowledge of the sites’ activities by claiming it serves as nothing more than a registrar for those domains.
A Superlative Scam and Spam Site Registrar - Security Fix
Security
Nmap author Fyodor will soon be releasing Nmap Network Scanning, the official guide to the Nmap Security Scanner. From port scanning basics for novices to the type of packet crafting used by advanced hackers, this book suits all levels of security and networking professionals. Rather than simply document what every Nmap option does, Nmap Network Scanning demonstrates how these features can be applied to solve real world tasks such as penetration testing, taking network inventory, detecting rogue wireless access points or open proxies, quashing network worm and virus outbreaks, and much more. Examples and diagrams show actual communication on the wire. This book is essential for anyone who needs to get the most out of Nmap, particularly security auditors and systems or network administrators.
Publication of Nmap Network Scanning in paper form is expected in September 2008 (with a Defcon pre-release in August). The ISBN number is 9780979958717 (ISBN-10: 0979958717).
Nmap Network Scanning—Official Guide to the Nmap Security Scanner
Resources, Security
An old one, but a good one …
4 Jun 2001
Ofir Arkin writes ….
I am pleased to announce the availability of version 3.0 of my researchpaper “ICMP Usage In Scanning”.Version 3.0 introduces significant changes made to the text.The paper now starts with an introduction to the ICMP Protocol. Theintroduction explains what is the ICMP protocol; it�s message types, andwhere and when we should expect to see these.
Nmap Hackers: Research Paper - ICMP Usage In Scanning v3.0 - RELEASED
Security
Kim Zetter writes …
Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.
The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.
The demonstration is only the latest attack to highlight fundamental security weaknesses in some of the internet’s core protocols. Those protocols were largely developed in the 1970s with the assumption that every node on the then-nascent network would be trustworthy. The world was reminded of the quaintness of that assumption in July, when researcher Dan Kaminsky disclosed a serious vulnerability in the DNS system. Experts say the new demonstration targets a potentially larger weakness.
Revealed: The Internet’s Biggest Security Hole | Threat Level from Wired.com
Internet, Security