Expected DoS Attacks – 10 Steps to Prepare for the Pain

Version 1.0 It is time to prepare for Expected DoS Attacks. There is no perfect anti-DoS solution. But with forethought, planning, coordination, and practice, any organization can minimize the impact of DoS attacks. What follows are ten essential steps that have proven to help organizations prepare for DoS attacks. The fundamental principles you will find in

FlowSpec – Using BGP for Rapid DOS Response

Using BGP FlowSpec to Push an ACL to the Edge of the Network, to Stop DOS Attacks, and Build a DOS Response Architecture Version (0.7) FlowSpec provides large networks with an ability to push a layer 4 ACL rapidly to the edge of the network using the Network Layer Reachability Information (NLRI) expansion of

BGP Route Hijacks & Routing Mistakes – What can be done Today?

Protecting your Business, Customers, & the Internet from BGP Route Hijacking Chaos? (DRAFT – Version 0.11) The Internet is glued together with the Border Gateway Protocol (BGP). It may not be perceived as the “perfect” protocol, but it has delivered a transformative global network that spans the Internet and all telecommunications. It is stable, transparent,

Demanding Security from your Vendors

How does any organization have a productive and meaningful security conversation? This guide offers a simple way to structure that conversation. These conversations help the organization determine the real security risk from its vendors. This is an updated version of a set of questions Operators (and vendors) can use to have these meaningful conversations.

Remote Triggered Black Hole (RTBH) Filtering

RTBH Fundamentals You have three choices when you stand in front of an onrushing force. You can push back directly against that force. You can step aside and let the force push past you. Or, you can redirect the force to a location that you choose. Now think of that “force” in the

Open Source Threat Intelligence Feeds

The community of open source threat intelligence feeds has grown over time. We have new sources being offered all the time. Many companies offer freemium services to entice the usage of their paid services.  There are community projects which aggregate data from new sources of threat intelligence. We also have an emerging market of companies

Vendor Security

Vendor Security – This document has been updated and maintained here: How to Demand Security from your Vendors   Demand Security from your vendors! What security questions are you asking your vendors? The Bloomberg article, “How Russian Hackers Stole the Nasdaq,” is a sobering insight into today’s risk. It should be a wake-up call for all organizations in

Operator’s Security Toolkit

It is time for a refresh of the SP Security materials used by many over the years. Back in 2002, several people in the emerging “Service Provider Security” field pulled together a list of top practices every Operator should deploy. These “NSP-SEC Top 10” techniques became the foundation of our toolkit that is used daily