Public Cloud DNS Resolvers (which offer services)

Public Cloud DNS Resolvers are now well known in the industry.  Google DNS has opened the door for many solutions offering a variety of DNS Resolver base solutions. Today, there is a multitude of cloud-based DNS Resolvers. These are services individuals might wish to explore. Everyone has the ability to control which DNS Resolver they Read More

memcached on port 11211 UDP & TCP being exploited

  TLP:WHITE UPDATE: As of 2018-03-17 ( Morning Update), more attack using the memcached reflection vector have been unleashed on the Internet. As shared by  Akamai Technologies “memcached-fueled 1.3 Tbps Attacks,” the application factors are “Internet Impacting.” Mitigation and Remediation Efforts are reducing the number of potential memcached reflectors. Please keep up the good work. Operators are asked Read More

Using the DNS Resolver to Protect Networks

Smart organizations use the DNS Resolver to Protect Networks.  Here is why …   A typical story ….. Imagine walking in to work the first thing in the morning. Your staff comes into the office. They get their coffee, fire up their computer, and check out the morning industry news. Your staff is alert, applies Read More

CLDAP Reflection Attacks are Increasing! Why? Preventable!!!

Yes, CLDAP Reflection Attacks are increasingly used in DOS attacks! Everyone was warned! We have lots of data which illustrated how CLDAP is being used for reflection DOS attacks. Now we have the news from Netlab 360 that CLDAP is now the #3 protocol used for DOS reflection attacks – CLDAP is Now the No.3 Read More

Is it time to build an “SP Anti-DOS Alliance?”

Is it time to build an “SP Anti-DOS Alliance” is the first of several blogs. It will be a brain dump of what collaborative actions have and has not been working within the industry. Last week, I posted a Linkedin update on the Operator’s Security Toolkit. A long term colleague, Eddie Chan,  pointed out the Read More

Filtering Exploitable Ports and Minimizing Risk to and from Your Customers

What are you doing to prepare for the next “scanning malware” and “Internet Worm?” Barry Greene @ bgreene@senki.org Version 1.0 TLP:WHITE Recommendation: Operators (CSPs, ISPs, Cloud Companies, and Hosting Companies) are strongly encouraged to deploy Port Filtering on the known Exploitable ports and Source Address Validation (SAV) on their customer edge of the network as Read More

Are you part of the DDOS Problem?

Yes, your network, your service provider, and your government can be actively contributing to the global Denial of Service (DoS) epidemic! DoS attacks come in two “families.” The first DoS family are from tools which are launched from infected, violated, and penetrated devices on the Internet. There “remote controlled” by the attackers to hit a Read More

Preparing for the next DDOS Wave

This week I was helping with a top 10 list to prepare for DDOS attacks. I did it without reviewing the industry to see the marketing overload of “prepare for DDOS steps.” These all seem to lead the one conclusion … “buy my product.” Steve Zurier (Dark Reading) and I pulled together these ten steps to Read More

Reporting DoS Attacks & Fighting Back Against DOS Attacks

Are you prepared for the next DoS Extortion attack? Armada Collective “like” DoS extrusion attacks are picking up. It is time to review those “DoS” preparation checklist. This white paper explore the data that would need to be collected to successfully push back on DoS attacks. It includes information your “DoS Defense Allies” will need to help you mitigate, remediate, and potentially whack down the DoS attack. Read More

Demand Security from your Vendors

Demande Security from your Vendors. Ask the right “Security Questions.” This provides a list of questions that anyone can use with their vendors to get a better understanding of their security capabilities. Start meaningful “Security Conversations.” Read More