Network Security - Page 15 - Results from #280

Discover Network Security News

GPLd Wireshark for Windows 7

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Wireshark development team, led by Gerald Combs, has released three new versions of the Wireshark network protocol analyser. The big change in the stable main version 1.2.3 is that it now contains WinPcap 4.1.1, making it fully Windows 7 friendly. It also fixes a few bugs, some of which could cause Wireshark to crash and were therefore categorised as security-related.

Anthony Pell
Oct 28, 2009

Dave Dittrich on Botnets, Conficker and the Evolution of Malware

Dave Dittrich is a security researcher with the University of Washington, and has often appeared on linuxsecurity.com on issues involving denial-of-service attacks, honeynets, and other distributed network-related security. Great interview with him on ThreatPost.In this episode, Dennis Fisher talks with Dave Dittrich of the University of Washington, one of the top botnet and malware researchers in the industry, about the evolution of botnets and malware, the innovations of the Nugache botnet and the monetization of large-scale botnets.

Anthony Pell
Oct 21, 2009

Malware torrent delivered over Google, Yahoo! ad services

Some of the web's bigger websites were flooded with a torrent of malicious banner ads after cyber crooks managed to sneak them onto syndication services operated by Google, Yahoo, and a third company, according to a security firm.

Anthony Pell
Oct 06, 2009

DDoS attack rains down on Amazon cloud

Web-based code hosting service Bitbucket experienced more than 19 hours of downtime over the weekend after an apparent DDoS attack on the sky-high compute infrastructure it rents from Amazon.com.

Anthony Pell
Oct 06, 2009

5 Mistakes a Security Vendor Made in the Cloud

When security experts sound the alarm about enterprises embracing cloud computing with little understanding of the risks, it's usually a case where the expert -- working for a vendor -- is making a pitch for their employer's products. That's all well and good, but here's the problem -- some of them have trouble keeping their own side of the cloud clean.

Anthony Pell
Oct 01, 2009

Network Monitoring Appliance

My ambition was to implement a small (better tiny) appliance for monitoring network health and network resources, short and longtime trends, running under VMware Server or VMware ESX. So I had an eye upon all components which are implemented on the system, to be as leightweight as possible. This was also the reason why no SQL DBMS based software was used.

Anthony Pell
Sep 29, 2009

DNS Cloud Security Services Arrive

One of the first cloud-based secure DNS services was launched today amid intensified concerns about locking down vulnerable Domain Name Service servers. OpenDNS, which provides a free DNS service for consumers and schools, is offering a subscription-based commercial service for enterprises. Other vendors, such as Nominum, are considering offering secure DNS cloud services, as well.

Anthony Pell
Sep 15, 2009

Use Wireshark to track your network behavior

Any time I need network analysis I turn to Wireshark. Wireshark is, in my opinion, the defacto standard for network protocol analyzers . Not only is it incredibly powerful, useful, and user-friendly it is also FREE! But what exactly is Wireshark? Simple: Wireshark is a network protocol analyzer that watches and logs all incoming and outgoing traffic as defined by your needs. This tool can not only read traffic live, it can read traffic from a previous dump. And it can read files from other applications such as tcpdump and Microsoft Network Analyzer.

Anthony Pell
Aug 11, 2009

Twitter DOS Attack Targeted Georgian Blogger

Great coverage on the Twitter/FB DDoS on CIO. CNET also has several articlesThe denial of service (DOS) attacks which knocked Twitter offline and slowed down Facebook response times yesterday may have been designed to target just one individual.

Anthony Pell
Aug 07, 2009

Facebook, Twitter, Others Down in Possible DDoS?

Twitter & Facebook, among others, appear to all be down or having access problems. It doesn't appear to be an infrastructure problem, but something more widespread, such as an ISP problem or distributed denial of attack.Twitter was inaccessible for at least a half hour on Thursday morning, followed by a period of slowness and sporadic timeouts (and more outright downtime). It's not clear what has caused this. My theory is that it was the millions of people tweeting complaints about why it can't be Friday yet.

Dave Wreski
Aug 06, 2009

Report: Spam and malware at all-time highs

Spam and botnets have hit their highest levels ever, according to McAfee's second-quarter Threats Report, released Wednesday. McAfee's Avert Labs says spam recorded in the second quarter shot up 80 percent compared with the first quarter of the year.

Anthony Pell
Jul 29, 2009

Latest DDoS attacks extremely unsophisticated, experts say

The latest distributed denial-of-service (DDoS) attacks that have wrangled some U.S. and South Korean government websites appear to be the work of a relatively unsophisticated attacker and not the actions of a state sponsored professional, according to experts analyzing the traffic from the botnet behind the attacks.

Anthony Pell
Jul 16, 2009

Five of the biggest IPv6-based threats facing CIOs

The IETF has identified many security threats related to IPv6, the long-anticipated upgrade to the Internet's main communications protocol. Security concerns around IPv6 deployment are real, although the number of IPv6-based attacks remains small.

Anthony Pell
Jul 13, 2009

'Mafiaboy': Cloud Computing Will Cause Internet Security Meltdown

Reformed black-hat hacker Michael Calce, better known as the 15-year-old "mafiaboy" who, in 2000, took down Websites CNN, Yahoo, E*Trade, Dell, Amazon, and eBay, says widespread adoption of cloud computing is going to make the Internet only more of a hacker haven. "It will be the fall of the Internet as we know it," Calce said today during a Lumension Security-sponsored Webcast event. "You're basically putting everything in one little sandbox...it's going to be a lot more easy to access," he added, noting that cloud computing will be "extremely dangerous."

Anthony Pell
Jul 02, 2009

Kaminsky interview: DNSSEC addresses cross-organizational trust and security

Network security researcher Dan Kaminsky has had a year to reflect on the impact of the cache poisoning vulnerability he discovered in the Domain Name System (DNS). Kaminsky revealed during last year's Black Hat Briefings a technique that made it relatively easy to exploit the bug and enable an attacker to redirect website requests to malicious sites. In the time since, Kaminsky has become an advocate for improving security in DNS, and ultimately, trust on the Internet. One way to do this is with the widespread use of DNSSEC (DNS Security Extensions), which essentially brings PKI to website requests. In this interview, Kaminsky talks about how the implementation of DNSSEC would enable greater security and trust on the Net and provide a platform for the development of new security products and services.

Anthony Pell
Jun 26, 2009

DNSSEC Showing More Signs Of Progress

The Domain Name System (DNS) security protocol is finally making inroads on the Internet infrastructure front, but big hurdles remain for widespread, smooth adoption. It has been more than 15 years in the making, but DNSSEC is finally gaining some traction: The .gov and .org top-level domains have begun to adopt the Domain Name Service (DNS) security protocol, and during the past few days, some commercial activity was associated with it.

Anthony Pell
Jun 23, 2009

Wireshark 1.2.0 released

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. Wireshark 1.2.0 has been released. This is the new stable release branch of Wireshark and many new and exciting features have been added since 1.0 was released.

Anthony Pell
Jun 17, 2009

New DOS attacks threaten wireless data networks

Forget spam, viruses, worms, malware and phishing. These threats are apparently old school when compared to a new class of denial-of-service (DOS) attacks that threaten wireless data networks. The latest wireless network threats were outlined in a talk here Thursday by Krishan Sabnani, vice president of networking research at Bell Labs, at the Cyber Infrastructure Protection Conference at City College of New York.

Dave Wreski
Jun 10, 2009

Clickjacking: Hijacking clicks on the Internet

Read on for info on this new security vulnerability, and learn exactly how it works. Lots of people seem to have an opinion on this article at CNET. Do you see this vulnerability as being a big problem for you? "Most exploits (like worms and attacks that take advantage of holes in software) can be patched, but clickjacking is a design flaw in the way the Web is supposed to work," Grossman said. "The bad guy is superimposing an invisible button over something the user wants to click on...It can be any button on any Web page on any Web site." The technique was used in a series of prank attacks launched on Twitter in February. In that case, users clicked on links next to tweets that said "Don't Click" and then clicked on a button that said "Don't Click" on a separate Web page. That second click distributed the original tweet to all of the Twitter user's followers, thus propagating itself rather quickly.

Anthony Pell
May 25, 2009

Hardened OS Vendor Builds Secure Virtual Layer For Network Devices

Nice article from a press release at Interop. What kind of virtualization security does Linux have, and how does it compare? What steps do people take to secure their virtual servers?Ultrasecure operating system maker Green Hills Software is quietly providing some major network equipment manufacturers with an extra layer of security for its devices. Green Hills, which last fall released a commercial version of its hardened Integrity-178B operating system used in military fighter planes, is now leveraging that technology for the network, as well. Company officials here revealed they have built a secure virtualization platform for networking equipment based on a combination of the company's secure OS virtualization and networking technologies.

Anthony Pell
May 22, 2009

Network Security - Page 15

I2P 2.5.0 Release Brings Improvements in Tunnels, I2PSnark & More

Canonical Makes Network Management Simpler and More Secure with Netplan 1.0

GTPDOOR Linux Malware Threatens Telecoms, Exploits GPRS Roaming Networks