This week Digium released three security advisories for vulnerabilities that allow remote authenticated sessions to either crash an Asterisk server or escalate user privileges. The advisories are:
AST-2012-004 – Asterisk Manager User Unauthorized Shell Access
AST-2012-005 – Heap Buffer Overflow in Skinny Channel Driver
AST-2012-006 – Remote Crash Vulnerability in SIP Channel Driver
In all cases the solution is to upgrade to […]
Apr 25
Microsoft Security TechCenter: DNSSEC and DNS Amplification Attacks
What are the security risks related to using DNSSEC with regard to “DNS amplification attacks”? In a recent article at Microsoft’s Security Tech Center, Greg Lindsay dives into exactly that question. First, though, he explains how a DNS amplification attack is a form of a Distributed Denial of Service (DDoS) attack that uses DNS queries …
Apr 25
Want To Make Your Web Content Available over IPv6? Check Out The Excellent RFC 6589
Are you a “content provider,” such as a website operator, seeking to understand how to ensure your content is available over IPv6? Would you like to know what challenges you can expect? What kind of migration strategies you can use? What you should do for an implementation plan? If so, the IETF recently published an …
Apr 24
Contrasting Mercurial vs Git: Two Opposing Blog Posts
Which should you use for a distributed version control system (DVCS) – git or mercurial? That was the question taken up recently by two opposing blog posts on Atlassian’s blog:
Apr 24
RFC 6589 – Transitioning Content to IPv6
Are you a “content provider,” such as a website operator, seeking to understand how to ensure your content is available over IPv6? If so, the IETF recently published an excellent guide in RFC 6589, “Considerations for Transitioning Content to IPv6”. Written by Comcast’s Jason Livingood, the document explains both the issues with moving content to …
Apr 24
Internet Society Launches "Internet Hall of Fame" Celebrating Early Pioneers
One of the very cool announcements coming out of the Internet Society’s Global INET event in Geneva this week was the creation of an "Internet Hall of Fame" that recognizes many of the pioneers who started this amazing journey we’ve…
Apr 24
New Internet-Draft: Security Implications of IPv6 on IPv4 networks
What are the security implications of having native IPv6 support on IPv4-only networks? What are the security implications of the automatic enabling of IPv6 transition mechanisms such as tunneling? In a new Internet-Draft out this week, security researcher Fernando Gont of the UK’s Centre for the Protection of National Infrastructure seeks to explore those very …
Apr 24
IPv6 Training (and Courseware) Available At RIPE NCC
Interested in learning more about IPv6? In Europe, RIPE NCC, the Regional Internet Registry (RIR) for the region, offers an IPv6 training course for staff of Local Internet Registries – and perhaps more relevantly, they make their course materials and exercises available to all for free. You can see the outline for the RIPE NCC …
Apr 24
Photo: Still Time To Meet The Deploy360 Team at Global INET
If you are at the Internet Society’s Global INET event happening in Geneva right now, you still have a chance to meet Richard Jimmerson and Megan Kruse from the team behind the Deploy360 Programme. Here’s a photo of them (looking sharp!) by the banner for our program. Megan and Richard have been having great conversations …
Apr 23
When Will We Hit 100 DNSSEC-Signed TLDs?
In looking at ICANN’s TLD DNSSEC Report for today, I noticed that the number of top-level domains (TLDs) signed with DNSSEC is creeping very close to 100:
313 TLDs in the root zone in total
94 TLDs are signed;
86 TLDs have trust anchors published as DS records in the root zone
Who will be …