Desktop Site

Reporting With Cassandra

Author: Jose Avila | Date: January 1, 2013

Quite commonly the need arises to analyze data over time and provide quick and easy access to those statistics via a dashboard. Providing access to real time stats can be difficult as the quantity of data being analyzed grows. This article will cover one potential solution for storing, and querying statistical data with Apache Cassandra for real time report generation.

Download PDF HERE

LOCATION AWARE DDOS ATTACKS

Author: JOSE AVILA | Date: June 17, 2010

The future is coming and change is inevitable! This presentation will dive into how content delivery networks currently announce their networks, and how this may change as a proposed IETF draft gets implemented. The draft allows for an EDNS0 extension to relay source network information to authoritative name-servers. With Google, NeuStar, and Name.com sitting as the heavy backers to this draft, it will most definitely affect some of the largest networks on the planet. Botnets have historically relied on DNS for both hiding their networks and determining their targets. Attackers could leverage this extension to provide an in depth knowledge of a network's geographical layout, in order to launch targeted distributed denial of service attacks!

Download PDF HERE

Recursive DNS Cache Auditing

Author: Jose Avila | Date: July 25, 2008

Dan Kaminsky of IOActive recently discovered a flaw in multiple DNS server implementations. The flaw is detailed in US-Cert Vulerability Note VU#800113. Dan coordinated efforts with multiple experts, including Paul Vixie, to organize what could arguably be one of the most responsible disclosures conducted in this industry. This disclosure and subsequent release involved multiple vendors meeting together to discuss issues, and courses of action, and then simultaneously releasing patches to the public. In the months leading up to the public release, Jose Avila of ONZRA discussed the need for an open source solution for detecting cache poisoning events with Dan. This white paper provides a brief background on DNS as it relates to cache auditing, a method for auditing recursive DNS server caches, and the details of CacheAudit, which is based on these auditing methods.

Download PDF HERE
Have a look our tools »
Without a question, ONZRA was the best resource I've ever pulled onto a project. Absolutely stunning quality and speed of work. Unique capability to both comprehend detailed/obscure customer requirements and to charge forward in a leadership position to engineer solutions. If you are lucky enough to be in a position to acquire some of their time, your job will get done, possibly early, definitely completely.
Dan Kaminsky
Security Researcher