Source Address Validation (SAV) – Techniques & Tools

Source Address Validation (SAV) is one of the most promoted security best practices. We have achieved a wide range of SAV deployment, but we also run into the tedious 20% of the Internet that takes more human-intensive SAV deployment work. This guide is provided to help operators, engineers, policymakers, and executive decision-makers have a “reference

What Drives Barry?

What drives Barry’s passion, drive, and empowerment focus? The following is a work in progress to help others learn from my journey, my experiences, people who have cleared the path for me, people who have helped me, and people who have been my allies for change over the last decades. This page is part of

DDoS Resiliency Workshop – 2022

Revised, Updated, and Enhance DDoS Resiliency Workshops for Today’s Internet In the late 1990s, several people started teaching ISPs how to protect their networks from attack. These early “DDoS Resiliency Workshops” evolved in a consistent theme and method that eventually curated best common practices for DDoS resiliency. Unfortunately, the threats from attacks to Communications Services

Why is an “APRICOT” critical to Asia/Pacific Internet Operations?

There is one conference where Asia & Pacific Critical people resources meet to maintain the operational relationships critical to the success of the Internet. Are you going to Asia Pacific Regional Internet Conference on Operational Technologies (APRICOT)? People glue together the Internet and Telecom. People who meet, collaborate, and work with each other to keep Read More

BGP Security Workshop – Safeguarding the Internet’s Glue

BGP and DNS are the two critical protocols that glue the entire global network (the Internet). Without them, the Internet falls apart. The security, resiliency, and integrity Border Gateway Protocol (BGP) holds up the routing of packets end-to-end across the Internet. Threats to BGP systems are life-threatening, disrupting critical infrastructure people depend on for their

Meaningful Security Conversations with your Vendors: Can vendors ever provide secure solutions?

It is critical to have meaningful security conversations with your vendors. Operators depend on their vendors to supply products and solutions that are secure. As all operators have experienced, “secure products” is almost always a vendor afterthought. This leads to an operational risk that in some cases turns deadly. In this session, we will explore

Protecting your Domain Names: Taking the First Steps

Protecting your domain names is often overlooked, ignored, and neglected. Everyone and everything on the Internet depends on the Domain Name System (DNS) being functional. The DNS has been a common vector for attacks in recent years. Attacking DNS will continue in the future. The 2019 DNSpionage Campaign and Sea Turtle attacks were wake calls

DNS is Under Attack – the Miscreant’s Offensive Playbook with a Defensive Counter

Our DNS is Under Attack is not something anyone wants to hear. DNS’s critical role known to the miscreants, DDoS Extortionist, DDoS Attackers, and other threat attackers. Taking out DNS is easier than trying to take down a website. Smart miscreants have a playbook of offensive DNS attack techniques that they can use against any

Realities of Today’s DDoS Security Risk

 Focusing on the lessons from the 2020 – 2021 DDoS Extortion Campaigns DDoS Extortion will not go away. It is a cyclical International crime that can only be stopped with the DDoS Extortionist are arrested. In 2020, organizations woke up to a new wave of DDoS Extortion activities. These attacks caught organizations with the DDoS

Securing Your Network Using Shadowserver’s Daily Network Reports

Securing your Network using Shadowserver Reports helps organizations learn about this unique public benefit tool.  What if there was a public benefit, free to use, security report that provided you a complete overview of your security risk? What if this tool allowed you to see what the bad guys are seeing on your network? What