At NANOG 47, I gave an update to the NSP-SEC Top 10 Security Techniques. This tutorial has the video posted on the NANOG archives. I’ve posted the slides here for those who have not viewed or downloaded them. Slides 1 – 127 Slides 128 – Finish Questions, suggestions, and views are welcomed.
I will giving an interview today that the industry has done a poor job in communicating the changes in Denial of Service (DOS) attacks. CERT-FI‘s release of the “Sockstress” details yesterday has a few people confused. Outpost24 discovered some new TCP state abuse technique which can cause a range of issue on a TCP stack [...]
In the operational security community, Distributed Denial of Service (DDOS) is the “gun” used in extortion. Extortion is a human crime – where one group (or individual) preys on another. We mitigate extortion through civic society’s rules (laws) and enforcement (justice system). This dual system of laws and enforcement is further reinforced with education – [...]