Tag: network

  • The road to IPv6 is generally smooth but contains a few potholes

    “The report of my death was an exaggeration,” Mark Twain famously said in 1897. It was indeed: Twain went on to live for another 13 years but did eventually die. The same is true for IPv4: reports of the pending ‘ipv4pocalypse’ have been doing the rounds for at least a decade (the most recent one…

  • Throwback Thursday: BGP – from route hijacking to RPKI: how vulnerable is the Internet?

    Yesterday, a ‘mysterious event’ involving BGP, the Internet’s border gateway protocol, led to the traffic to many popular websites being routed for around six minutes. BGP hijacks – the Internet equivalent of changing traffic direction signs – are not very common but occur more often than one would expect for a technology that is…

  • Worms wiggling inside your networks are a lot harder to stop

    Damaging though they were, the recent WannaCry and (Not)Petya outbreaks taught security practitioners many valuable lessons. Unfortunately, they taught important lessons to malware authors too. What contributed to the damage in both cases was the malware’s ability to spread internally using a number of methods, most prominently (though in (Not)Petya’s case not exclusively), a vulnerability…

  • Research paper shows it may be possible to distinguish malware traffic using TLS

    Researchers at Cisco have published a paper (PDF) describing how it may be possible to use machine learning to distinguish malware command-and-control (C&C) traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic. The need for malware to communicate with its operators, so that it…

  • VB2016 paper: Debugging and monitoring malware network activities with Haka

    Anyone who has ever analysed malware through its network communications will know that this often involves ad-hoc scripts in languages like Python or Perl to decode the traffic. After all, for somewhat understandable reasons, there is no standard C&C protocol for malware. If you regularly find yourself in this situation, you may want to have…
