Route filtering and its impact on the DNS fabric

Published: 2008-05-19
Last Updated: 2008-05-19 14:51:41 UTC
by Maarten Van Horenbeeck (Version: 1)
0 comment(s)

Information Security consultants regularly work with their clients to identify their "critical infrastructure": those assets which are needed to keep the organization running at an acceptable level. On such engagements, after the employees have listed and described their own assets, I tend to ask them "... and what about Google?". A lot of companies really need a good search engine ranking for their clients to find them. Something which can and has been attacked. It is however often not quite clear whose responsibility it is to monitor components such as these: information security or marketing?

There are several other components which make up the internet fabric that help users get where they need to be. Today, the people at Renesys posted a fascinating blog entry showing what could go wrong at a completely different level: DNS. They identify how the hijacking of IP space can pose a valid risk to the reliability of the internet as a business medium. While malicious intent can't be proven, this is exactly what appears to have affected L.root-servers.net in the recent history.

This is no reason to panic - it is however an indication of just one of many things the information security community needs to be aware of. Short lived BGP announcements have commonly been used to distribute spam, and inadvertent mistakes have brought down major web sites. Renesys' posting is an example of how a lack of route filtering can have even deeper, but less visible consequences.

Read their blog entry on the adventures of L.root-servers.net here.

Keywords: BGP dns name server
0 comment(s)

Text message and telephone aid scams

Published: 2008-05-19
Last Updated: 2008-05-19 14:45:21 UTC
by Maarten Van Horenbeeck (Version: 1)
0 comment(s)

Jim recently wrote a diary on the various scams related to Myanmar's cyclone and the Sichuan earthquake.

Usually, these scams take place by means of web sites which accept funds through Paypal or sometimes even wire transfers. However, as with all types of unsollicited messages, these were bound to move to other media as well.

Earlier today we received interesting reports from China of text messages (SMS) being distributed which request the reader to transfer money to a certain account number, or even just reply to the message to help fund relief to the Sichuan earthqake. In addition, late last week reports appeared of a message which invited readers to help the Red Cross fight "poverty and suffering" by making a call, or sending a text message.

While one would expect more physical acts, such as sending text messages or calling a number allow better identification of the culprits than more obscure credit card number theft and distribution,  this is often not the case. While the owner of a number may easily be identified in many cases, it is often just the company providing a service for another third party. The latter may have used fake For-a-fee telephone numbers, both for call and SMS are often purchased through service providers, which may require less stringent verification of their clients than the actual phone network.

Keywords: nargis phishing scam sichuan SMS
0 comment(s)

Comments

cwqwqwq

www

Nov 17th 2022
4 months ago

eweew<a href="https://www.seocheckin.com/edu-sites-list/">mashood</a>

EEW

Nov 17th 2022
4 months ago

WQwqwqwq[url=https://www.seocheckin.com/edu-sites-list/]mashood[/url]

qwq

Nov 17th 2022
4 months ago

dwqqqwqwq mashood

mashood

Nov 17th 2022
4 months ago

[https://isc.sans.edu/diary.html](https://isc.sans.edu/diary.html)

isc.sans.edu

Nov 23rd 2022
3 months ago

[https://isc.sans.edu/diary.html | https://isc.sans.edu/diary.html]

isc.sans.edu

Nov 23rd 2022
3 months ago

What's this all about ..?

isc.sans.edu

Dec 3rd 2022
3 months ago

password reveal .

isc.sans.edu

Dec 3rd 2022
3 months ago

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure:

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.

<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission

isc.sans.edu

Dec 26th 2022
2 months ago

https://thehomestore.com.pk/

isc.sans.edu

Dec 26th 2022
2 months ago

Login here to join the discussion.


Diary Archives