Buy it, Use it, Break it, Fix It. Crash it, Change it, Now upgrade it.
Reporting With Cassandra
Quite commonly the need arises to analyze data over time and provide quick and easy access to those statistics via a dashboard. Providing access to real time stats can be difficult as the quantity of data being analyzed grows. This article will cover one potential solution for storing, and querying statistical data with Apache Cassandra for real time report generation.Download PDF HERE
LOCATION AWARE DDOS ATTACKS
The future is coming and change is inevitable! This presentation will dive into how content delivery networks currently announce their networks, and how this may change as a proposed IETF draft gets implemented. The draft allows for an EDNS0 extension to relay source network information to authoritative name-servers. With Google, NeuStar, and Name.com sitting as the heavy backers to this draft, it will most definitely affect some of the largest networks on the planet. Botnets have historically relied on DNS for both hiding their networks and determining their targets. Attackers could leverage this extension to provide an in depth knowledge of a network's geographical layout, in order to launch targeted distributed denial of service attacks!Download PDF HERE
Recursive DNS Cache Auditing
Dan Kaminsky of IOActive recently discovered a flaw in multiple DNS server implementations. The flaw is detailed in US-Cert Vulerability Note VU#800113. Dan coordinated efforts with multiple experts, including Paul Vixie, to organize what could arguably be one of the most responsible disclosures conducted in this industry. This disclosure and subsequent release involved multiple vendors meeting together to discuss issues, and courses of action, and then simultaneously releasing patches to the public. In the months leading up to the public release, Jose Avila of ONZRA discussed the need for an open source solution for detecting cache poisoning events with Dan. This white paper provides a brief background on DNS as it relates to cache auditing, a method for auditing recursive DNS server caches, and the details of CacheAudit, which is based on these auditing methods.Download PDF HERE