Your BIND Server Probably Needs an Update
Oct 29,
2015
Years ago I wrote a class that included a long section on configuring DNS – the Domain Name System the Internet uses to “resolve” human-readable names into machine-processable IP addresses. I focused on explaining how to make it work. In a later security course I explained issues with DNS and how BIND 9 would fix […]
Cyber Security and Masquerade — Not Just For Halloween
Oct 26,
2015
It’s nearly Halloween here in the US and that means costumes and masquerade. Google tells us that “masquerade” is a noun meaning “a false show or pretense” or a verb meaning “pretend to be someone one is not”. These have the same sense as the cyber security definition from RFC 4949, “A type of threat […]
Is Cyber Security a Priority for our Critical Infrastructure?
Oct 7,
2014
In a recent study, two-thirds of the citizens of a large city reported being mugged, but only a quarter said that stopping muggings was a top priority. OK, not really, but close. SC Magazine reported a similar situation in an article by Daneille Walker on July 11 of this year. They reported on a study […]
Cops, robbers and cyberattacks
Mar 28,
2013
It is claimed that when famed bank robber Willie Sutton was asked why he robbed banks, he replied, “because that’s where the money is.” Although later in his life he denied saying it, that statement is the basis for “Sutton’s Law”. It makes sense, though, and it seems to apply to cyber attacks, at least […]
Cyber Attacks Have Been Monetized
Aug 28,
2012
Very impressive attacks are first discussed as theoretical possibilities. “If an attacker had these enormous resources …” and so on. Then researchers give presentations at conferences showing how the theoretical might be less impractical than we expected. That is followed by a proof of concept demonstration, and then we have attacks occurring in the wild. […]