November 25, 2013 archive

Large-scale Attacks Against VoIP and Videoconferencing Happening Today?

Voice Ops mailing listAre there large-scale attacks happening against VoIP and videoconferencing systems today?  Or is it limited to one particular system?  In a posting this morning to the VoiceOps mailing list, J. Oquendo wrote:

We have seen a larger than normal, if not, one of the largest attacks against some of our VoIP and video conferencing systems today. Initially, we fielded a report of a “system gone bad” followed by another, then another, and another. This has now carried on into some of our videoconference units (LifeSize).

Because our goal is to get telephony up and running, there was not much we could do via incident response, so I have little to add on attack vectors however, I will state that PBXNSIP has been the primary target, with about a dozen of these being hit pretty hard to the point I’ve had to block all, stop the software and re-start it.

Given that J. Oquendo has been around VoIP security circles for quite a few years now and worked on a number of different projects, I’m inclined to believe his account.  Are any of you seeing increased attacks?   If so, I think he’d certainly like to hear from you.  If you’re not a member of the VoiceOps list, you might also want to join that list as it’s become quite a good resource for people involved in the operations of VoIP systems.

Celebrating 30 Years Of The Domain Name System (DNS) This Month!

dns-250Thirty years ago this month, in November 1983, two RFCs were published that defined the critical Internet service that we now take for granted and use every day – the Domain Name System or more generally just “DNS”. Those two RFCs, authored by Paul Mockapetris, were:

These two RFCs formed the basis for what was to become the DNS system we use today.  There was a great amount of discussion in the early 1980′s around how to move beyond the flat naming convention used in the early “ARPA Internet”.  Several proposals were out there that make for interesting reading today, including RFC 799, RFC 819 and RFC 830.  As Paul Mockapetris relays in a video for the Internet Hall of Fame (IHOF) Internet timeline, his boss at the time, Jon Postel, asked Paul to look at the various ideas and come up with a proposal of his own for how it should work.  The result was RFCs 882 and 883.

Four years later, in November 1987, these two original RFCs (882 and 883) were then “obsoleted” by RFC 1034 and RFC 1035 in which Paul updated and expanded the original RFCs based on the experience of those four years in actually implementing DNS. These newer RFCs 1034 and 1035 are still the basis of DNS today, although they have been “updated” many times since, including by the addition of DNSSEC in RFCs 4033, 4034 and 4035.

Today the DNS is a critical part of our Internet infrastructure and is the service guiding us in connecting to all the other services we use across the Internet. We all use DNS all the time every day even though, as Paul Mockapetris wrote earlier this year, we may not even be aware that we are using DNS.

Here at the Deploy360 Programme we are focused on how we collectively can make the DNS more secure using DNS Security Extensions (DNSSEC) and through that how we can make the overall Internet safer and more secure.  But as we do that, we do also need to step back and just think about how amazing the overall DNS system is – and how incredibly critical it has become!

Happy 30th anniversary to the DNS!  It will be fascinating to see where it goes next!

P.S. Many thanks to Ondřej Surý of NIC.CZ who pointed out this 30-year anniversary today on the dns-operations mailing list.


UPDATE: Our colleague Andrei Robachevsky also provided some commentary in a post, Happy 30th Birthday, DNS!, where he points to some other briefing papers, studies and reports around DNS, and also touches on issues relating to the abuse of DNS.


An audio commentary on this topic is also available:

FIR #731 – 11/25/13 – For Immediate Release

Survey update, interviews coming, AllThingsIC with Rachel Miller debuting, book giveaway contest; Quick News: is BP trolling its critics?, the PR Show in London on Nov. 26, Polyvore drives huge social commerce; Ragan promo; News That Fits: change culture quickly, Michael Netzley's Asia Report, Unilever's social social media campaign, Media Monitoring Minute from CustomScoop, listener comments, KLM uses social media and boosts sales, Dan York's Tech Report, deeplinking in the mobile world; how to comment; music from The House of Jed; and more.