Category Archive

You are currently browsing the category archive for the 'network security' category.

DNSSEC

September 7, 2007 in network security, networking | Leave a comment

DNSSEC seems to be growing in popularity. At least in the eyes of the American Administration. See:

http://www.schneier.com/blog/archives/2007/04/dept_of_homelan.html

Basically as I understand it DNSSEC adds an extra layer to the BIND protocols in providing signed zone transfers. Since zone transfers are deemed to be arguably the most risky part of running a DNS server, this should be a good thing.

But is it? Do we really want to pay extra for the privilege of extra certification costs. Exactly how important is it to have authorisation from another party when updating or modifying your own domain.

More on the argument against:

http://www.matasano.com/log/754/a-case-against-dnssec-a-matasano-miniseries/

I believe this has to be balanced with the argument I made in Spam Blogs and comment spam.

Spam blogs and comment spam

April 25, 2007 in network security, web | Leave a comment

I found this rather interesting paper on the rise of spam blogging and the suggested solutions to getting rid of it. It is written by Yi-Min Wang and Ming Ma from Microsoft® Research and Yuan Niu and Hao Chen from the University of California, Davis.

http://www.cs.ucdavis.edu/~hchen/paper/www07.pdf

There is more about the monthly rise in spam blogs on

http://fightsplog.blogspot.com

I find spam comments and high google rating for spam pages pretty irritating. To find out how these tricks work and that they are now are connected to the ongoing assault of our inboxes is intriguing, although also slightly worrying. Whilst I can see that advertisers and syndicators might have a hard time trying to find and associate with good content on the web, I see that they certainly have a hand in where the WWW will end up.

Ultimately I guess it is all our responsibility not to click spam links and thus not feed the problem.

Whilst I think the rise in the use of SPF (Sender Policy Framework) or SenderID will shift some of the work of fighting spam to DNS, this may cause an increase in DNS cache poisoning as spamers resolve to take over domains with access to certain widely used mail servers. Hopefully DNSSEC and similar technologies can fill the gaps in security.

Trademarks are the property of their respective owners.

 

November 2009
M T W T F S S
« Jul    
 1
2345678
9101112131415
16171819202122
23242526272829
30