Security

DNS amplification attacks back in the spotlight

US CERT re-issued today their March 29 2013 technical advisory reminding organisations to check their networks for open DNS resolvers, which can easily be used in a Distributed Denial of Service (DDoS) attack. See https://www.us-cert.gov/ncas/alerts/TA13-088A. An open DNS resolver is where the DNS server will accept and answer recursive DNS query requests from hosts that are not part of the IP address range under control of the organisation i.e. recursive DNS server functionality should be restricted to only those host IP addresses that belong to the enterprise or ISP.

Want to check if your DNS's are part of the purported 28 million open resolvers (as of May 2013 - see http://openresolverproject.org), then a useful tool is http://dns.measurement-factory.com/cgi-bin/openresolverquery.pl  If you are the technical contact for the IP address range as reported by whois then this tool will send you the current resolver status of your DNS's.

Another great resource is the  site www.dnsinspect.com. This site provides you with a detailed report on the status of your DNS. A great place to check on possible security vulnerabilities for your domain.

The CERT amplification reference cited above provides an excellence reference, however if you need up-skilling on aspects of DNS then please contact us. We do provide training in all aspects of DNS, IP, Deep Packet Analysis and Cyber Security.

So you think your password is safe...

At this time of year many "lists" are being prepared. And, one of the recurring lists we see in the technology world is the "worst password list". User password control is often the very first level of access to computer system resources and sometimes we just don't take enough care with making them that little bit harder to foil the ardent hacker. There is the ever-present threat of unauthorised access to computer networks (refer to Dec 10, 2012, media reports on the Gold Coast Miami Medical Centre being held to ransom by hackers who gained access to patient records) access to computer resources is made is easier by simple passwords. Have a look at the worst 25 passwords of  2012, published by SplashData, who compiled the list from the millions of online postings of stolen passwords. We all know we should use longer passwords with special characters, capitalisation variation, include numbers, but then that just makes it a little bit harder to remember doesn't it!  But, make yourself a pre-New Years resolution....I will change my password, I will make it more complex, I will, I will..... SplashData - 25 Worst Passwords of 2012.

Some of the entries on the list include (and I bet you've already scanned ahead or already guessed): password, 123456, iloveyou, letmein, master.