You are here: Home > Publications > RIPE Labs > Security

Security

Adam Castle — 24 Feb 2014
The RPKI Observatory: A New Website Aiming to Help Reduce RPKI Misconfigurations
The RPKI Observatory: A New Website Aiming to Help Reduce RPKI Misconfigurations
nusenu nusenu — 17 Oct 2018

In this post I'll cover why it is important to take care of RPKI misconfigurations, what the impact of ignoring them is, how network operators can easily determine whether they are affected by a specific RPKI misconfiguration and how significantly the amount of RPKI unreachable IP space changed over the course of just a few weeks.… Read more

Internet Atlas - Tools for Digital Literacy
Internet Atlas - Tools for Digital Literacy
Andrej Petrovski — 03 Oct 2018

Based on existing studies and research about the digital environment in Serbia, its legal and technical features, usage and habits among Internet users, the SHARE Foundation aims to produce tools and materials designed to inform, educate and encourage project target groups understand Internet infrastructures and their influence on digital rights.… Read more

Let's Connect! Easy to Install and Secure VPN Software that Respects your Privacy
Let's Connect! Easy to Install and Secure VPN Software that Respects your Privacy
Rogier Spoor — 03 Sep 2018

Going online on unknown Internet hotspots - whether at a restaurant, an airport or in a restaurant - isn't actually very safe or secure for users. This is due to the open character of hotspots which makes it easy to impersonate legitimate hotspots and eavesdrop on traffic - or even serve malware. The main aim of the Let's Connect! project is to develop a secure, fast and usable open-source VPN solution that can be used by anybody on all types of devices. Thanks to the RIPE NCC Community Projects Fund this important goal is getting within reach.… Read more

Sunrise DNS-over-TLS! Sunset DNSSEC?
Sunrise DNS-over-TLS! Sunset DNSSEC?
Willem Toorop — 23 Aug 2018

Is DNSSEC still needed when you get your DNS over TLS? DNSSEC's original design goals could also be met in a future DoT-only world. However, DNSSEC's aspirations have moved on with DANE. Unfortunately DNSSEC and DANE are hardly ever available at end-user devices. DoT brings liable delivery of DNS, which might make DNSSEC and DANE finally happen after all.… Read more

ARTEMIS: Neutralising BGP Hijacking Within a Minute
ARTEMIS: Neutralising BGP Hijacking Within a Minute
Vasileios Kotronis — 19 Jul 2018

BGP prefix hijacking is a persistent threat against Internet organisations, attributed to a lack of authorisation and authentication mechanisms in the inter-domain routing system. ARTEMIS (Automatic and Real-Time dEtection and MItigation System) is a defence system against BGP prefix hijacking, which is based on comprehensive, accurate and fast detection operated by the AS itself, and enables flexible and fast mitigation of hijacking events.… Read more

BGP Flexibility and its Consequences
BGP Flexibility and its Consequences
Alexander Azimov — 10 Jul 2018

Border Gateway Protocol (BGP) is the only exterior gateway protocol created to control traffic between Internet Service Providers (ISPs) all over the world. The initial protocol design was so flexible that after 20 years, it has become a de facto standard mechanism for MPLS/VPN and even Interior Gateway Protocol in large-scale data centres.… Read more

Tags: bgp security
What Are My Options? Session Encryption Protocols Looking Forward
What Are My Options? Session Encryption Protocols Looking Forward
Kathleen Moriarty — 14 Jun 2018

This is the third and last piece in our mini series on network and security management. With TLSv1.3 approved and in the Internet Engineering Task Force (IETF) publication queue it’s time to think about deployment options and obstacles, and planning for changes inherent in this revision. Regardless of when you plan to upgrade it may require significant planning for internal applications and network architectures, less so for Internet-based sessions. … Read more

Tags: security

Document Actions