Network Operations

Latest articles

Threat Integration: Lessons of Indicator and Incident Exchange

Kathleen Moriarty

Integration of shared indicators of compromise is very difficult when the responsibility is distributed out to organisations who are then left with the task of turning those indicators into defensive actions or blocking rules. In this article, Kathleen Moriarty shares lessons learned for indicator …

Article tags:

9 You have liked this article 0 times.
0

Measuring Encrypted-DNS Censorship Using OONI Probe

Simone Basso

In this article we talk through the preliminary results of an encrypted-DNS censorship study currently being conducted by the Open Observatory Network Interference (OONI).

Article tags:

14 You have liked this article 0 times.
1

Deploying IPv6-Mostly Access Networks

Ondřej Caletka

Dual stack is the most common way of deploying IPv6 in access networks. A recent standard defines IPv6-mostly access networks, providing IPv4 connectivity only for legacy devices while allowing modern devices to run IPv6-only. It is already well supported and allows network operators to gradually p…

Article tags:

41 You have liked this article 0 times.
1

Journeying into XDP Part 2: XDPerimenting with DNS Telemetry

Luuk Hendriks

In this instalment of our Journeying into XDP series, we look into a passive BPF-program that enables us to plot graphs of DNS metrics without altering the DNS packets or touching the DNS software itself.

Article tags:

21 You have liked this article 0 times.
0

All articles

Where Did My Packet Go? Measuring the Impact of RPKI ROV

Koen van Hove

Merely doing RPKI ROV does not provide any guarantees where your packet ends up. We conducted an experiment where we look into the impact of RPKI ROV on whether the packet ends up in the intended location based on active beaconing with two servers.

Article tags:

52 You have liked this article 0 times.
0

Stalloris: RPKI Downgrade Attack

Haya Shulman

Our research considers the impact of malicious publication points on the resilience of RPKI. We explored attacks that target the functionality of the relying party implementations and evaluated the resulting impact on the RPKI validation. We found all the relying party implementations to be vulnera…

Article tags:

21 You have liked this article 0 times.
0

Dealing with the Undercurrent of Unwanted Traffic

Leslie Daigle

It’s common knowledge that there are “bad actors” on the Internet, poking and prodding open ports as they find them. But just how much of this “unwanted traffic” is out there, and how much is “too much” to allow out of a source network?

Article tags:

21 You have liked this article 0 times.
0

Unpacking RFC 9199: Considerations for Large Authoritative Server Operators

Giovane Moura

RFC 9199 puts forward six considerations for large authoritative DNS server operators each derived from peer-reviewed research. Giovane Moura from SIDN Labs walks us through the list of considerations and the experience he and his co-authors had with the RFC process.

Article tags:

19 You have liked this article 0 times.
0

IPv6 10 Years Out: An Analysis in Users, Tables, and Traffic

Rene Wilhelm

On 6 June 2012, the Internet Society organised the World IPv6 Launch. On that day, participants switched on IPv6 not just for testing, but to use permanently in production services. As ten years have passed since, we look at how IPv6 adoption and deployment has progressed, in terms of routing, end-…

Article tags:

46 You have liked this article 0 times.
1

Making Security Simple for Organisations Big and Small

Kathleen Moriarty

Calls for security to be built-in and managed over time are growing. Kathleen Moriarty takes a looks back at a recent panel discussion on “Making Security Simpler” and the hopeful messages that came out of it for the transformation of Internet security for organisations in the coming years.

Article tags:

12 You have liked this article 0 times.
0

Showing 734 article(s)

Previous
1 2 3 ... 74
Next