Location Aware DDoS Attacks

Author: Jose Avila | Date: June 17, 2010

The future is coming and change is inevitable! This presentation will dive into how content delivery networks currently announce their networks, and how this may change as a proposed IETF draft gets implemented. The draft allows for an EDNS0 extension to relay source network information to authoritative name-servers. With Google, NeuStar, and Name.com sitting as the heavy backers to this draft, it will most definitely affect some of the largest networks on the planet. Botnets have historically relied on DNS for both hiding their networks and determining their targets. Attackers could leverage this extension to provide an in depth knowledge of a network's geographical layout, in order to launch targeted distributed denial of service attacks!

Download PDF HERE

Recursive DNS Cache Auditing

Author: Jose Avila | Date: July 25, 2010

Dan Kaminsky of IOActive recently discovered a flaw in multiple DNS server implementations. The flaw is detailed in US-Cert Vulerability Note VU#800113 Dan coordinated efforts with multiple experts, including Paul Vixie, to organize what could arguably be one of the most responsible disclosures conducted in this industry. This disclosure and subsequent release involved multiple vendors meeting together to discuss issues, and courses of action, and then simultaneously releasing patches to the public. In the months leading up to the public release, Jose Avila of ONZRA discussed the need for an open source solution for detecting cache poisoning events with Dan. This white paper provides a brief background on DNS as it relates to cache auditing, a method for auditing recursive DNS server caches, and the details of CacheAudit, which is based on these auditing methods.

Download PDF HERE

Engineering

Our team excels at developing highly fault tolerant, and scaleable application solutions

Read More

Design

From aesthetics to functionality, it is key to the success of the end-user experience

Read More

Security

Read about our World Class Security team.

Read More

Training

Learn from Only the best.

Read More

Research

Always on the cutting edge of technology.

Read More

Hollywood Office

6565 Sunset Blvd #518 Hollywood, CA 90028 P. +1 (323) 476-1331 E. info@onzra.com


Calendar


CanSecWest 2013

March 6-8 - Vancouver, BC

Defcon 21

Aug 1-4 - Las Vegas

FacebookTwitterLinkedIn