DOCSLIB.ORG

Secure Design and Coding for DNS D

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Secure Design and Coding for DNS D Attacks on DNS 1996: qmail 0.70. 1997: qmail 1.00. Cryptography in DNS 1998: qmail 1.03. Secure design and coding for DNS D. J. Bernstein University of Illinois at Chicago http://cr.yp.to /talks.html#2009.03.02 /talks.html#2009.03.03 /talks.html#2009.03.04 Attacks on DNS 1996: qmail 0.70. 1997: qmail 1.00. Cryptography in DNS 1998: qmail 1.03. Secure design and coding for DNS 1999: djbdns (dnscache) 0.60. D. J. Bernstein 2000: djbdns (dnscache) 1.00. University of Illinois at Chicago 2001: djbdns 1.05. http://cr.yp.to /talks.html#2009.03.02 /talks.html#2009.03.03 /talks.html#2009.03.04 Attacks on DNS 1996: qmail 0.70. 1997: qmail 1.00. Cryptography in DNS 1998: qmail 1.03. Secure design and coding for DNS 1999: djbdns (dnscache) 0.60. D. J. Bernstein 2000: djbdns (dnscache) 1.00. University of Illinois at Chicago 2001: djbdns 1.05. 2007: “Some thoughts on security http://cr.yp.to after ten years of qmail 1.0.” /talks.html#2009.03.02 /talks.html#2009.03.03 /talks.html#2009.03.04 Attacks on DNS 1996: qmail 0.70. 1997: qmail 1.00. Cryptography in DNS 1998: qmail 1.03. Secure design and coding for DNS 1999: djbdns (dnscache) 0.60. D. J. Bernstein 2000: djbdns (dnscache) 1.00. University of Illinois at Chicago 2001: djbdns 1.05. 2007: “Some thoughts on security http://cr.yp.to after ten years of qmail 1.0.” /talks.html#2009.03.02 /talks.html#2009.03.03 > 1000000 of the Internet’s /talks.html#2009.03.04 SMTP servers are running qmail. > 4000000 of the Internet’s second-level *.com names are published by djbdns. Attacks on DNS 1996: qmail 0.70. 1997: qmail 1.00. Cryptography in DNS 1998: qmail 1.03. Secure design and coding for DNS 1999: djbdns (dnscache) 0.60. D. J. Bernstein 2000: djbdns (dnscache) 1.00. University of Illinois at Chicago 2001: djbdns 1.05. 2007: “Some thoughts on security http://cr.yp.to after ten years of qmail 1.0.” /talks.html#2009.03.02 /talks.html#2009.03.03 > 1000000 of the Internet’s /talks.html#2009.03.04 SMTP servers are running qmail. > 4000000 of the Internet’s second-level *.com names are published by djbdns. No emergency upgrades, ever. Attacks on DNS 1996: qmail 0.70. Some DNS buffer overflows 1997: qmail 1.00. Cryptography in DNS “CVE-2008-2469: Heap-based buffer 1998: qmail 1.03. overflow in the SPF dns resolv lookup Secure design and coding for DNS function in Spf dns resolv.c in libspf2 1999: djbdns (dnscache) 0.60. before 1.2.8 allows remote attackers to D. J. Bernstein 2000: djbdns (dnscache) 1.00. execute arbitrary code via a long DNS TXT record with a modified length field.” University of Illinois at Chicago 2001: djbdns 1.05. “CVE-2008-2357: Stack-based buffer 2007: “Some thoughts on security overflow in the split redraw function in http://cr.yp.to after ten years of qmail 1.0.” split.c in mtr before 0.73, when invoked /talks.html#2009.03.02 with the -p (aka –split) option, allows remote attackers to execute arbitrary > 1000000 of the Internet’s /talks.html#2009.03.03 code via a crafted DNS PTR record.” /talks.html#2009.03.04 SMTP servers are running qmail. “CVE-2008-0530: Buffer overflow in > 4000000 of the Internet’s Cisco Unified IP Phone 7940, 7940G, second-level *.com names 7960, and 7960G running SCCP and SIP are published by djbdns. firmware might allow remote attackers to execute arbitrary code via a crafted DNS No emergency upgrades, ever. response.” Attacks on DNS 1996: qmail 0.70. Some DNS buffer overflows 1997: qmail 1.00. Cryptography in DNS “CVE-2008-2469: Heap-based buffer 1998: qmail 1.03. overflow in the SPF dns resolv lookup Secure design and coding for DNS function in Spf dns resolv.c in libspf2 1999: djbdns (dnscache) 0.60. before 1.2.8 allows remote attackers to D. J. Bernstein 2000: djbdns (dnscache) 1.00. execute arbitrary code via a long DNS TXT record with a modified length field.” University of Illinois at Chicago 2001: djbdns 1.05. “CVE-2008-2357: Stack-based buffer 2007: “Some thoughts on security overflow in the split redraw function in http://cr.yp.to after ten years of qmail 1.0.” split.c in mtr before 0.73, when invoked /talks.html#2009.03.02 with the -p (aka –split) option, allows remote attackers to execute arbitrary > 1000000 of the Internet’s /talks.html#2009.03.03 code via a crafted DNS PTR record.” /talks.html#2009.03.04 SMTP servers are running qmail. “CVE-2008-0530: Buffer overflow in > 4000000 of the Internet’s Cisco Unified IP Phone 7940, 7940G, second-level *.com names 7960, and 7960G running SCCP and SIP are published by djbdns. firmware might allow remote attackers to execute arbitrary code via a crafted DNS No emergency upgrades, ever. response.” Attacks on DNS 1996: qmail 0.70. Some DNS buffer overflows 1997: qmail 1.00. Cryptography in DNS “CVE-2008-2469: Heap-based buffer 1998: qmail 1.03. overflow in the SPF dns resolv lookup Secure design and coding for DNS function in Spf dns resolv.c in libspf2 1999: djbdns (dnscache) 0.60. before 1.2.8 allows remote attackers to D. J. Bernstein 2000: djbdns (dnscache) 1.00. execute arbitrary code via a long DNS TXT record with a modified length field.” University of Illinois at Chicago 2001: djbdns 1.05. “CVE-2008-2357: Stack-based buffer 2007: “Some thoughts on security overflow in the split redraw function in http://cr.yp.to after ten years of qmail 1.0.” split.c in mtr before 0.73, when invoked /talks.html#2009.03.02 with the -p (aka –split) option, allows remote attackers to execute arbitrary > 1000000 of the Internet’s /talks.html#2009.03.03 code via a crafted DNS PTR record.” /talks.html#2009.03.04 SMTP servers are running qmail. “CVE-2008-0530: Buffer overflow in > 4000000 of the Internet’s Cisco Unified IP Phone 7940, 7940G, second-level *.com names 7960, and 7960G running SCCP and SIP are published by djbdns. firmware might allow remote attackers to execute arbitrary code via a crafted DNS No emergency upgrades, ever. response.” 1996: qmail 0.70. Some DNS buffer overflows 1997: qmail 1.00. “CVE-2008-2469: Heap-based buffer 1998: qmail 1.03. overflow in the SPF dns resolv lookup function in Spf dns resolv.c in libspf2 1999: djbdns (dnscache) 0.60. before 1.2.8 allows remote attackers to 2000: djbdns (dnscache) 1.00. execute arbitrary code via a long DNS 2001: djbdns 1.05. TXT record with a modified length field.” “CVE-2008-2357: Stack-based buffer 2007: “Some thoughts on security overflow in the split redraw function in after ten years of qmail 1.0.” split.c in mtr before 0.73, when invoked with the -p (aka –split) option, allows remote attackers to execute arbitrary > 1000000 of the Internet’s code via a crafted DNS PTR record.” SMTP servers are running qmail. “CVE-2008-0530: Buffer overflow in > 4000000 of the Internet’s Cisco Unified IP Phone 7940, 7940G, second-level *.com names 7960, and 7960G running SCCP and SIP are published by djbdns. firmware might allow remote attackers to execute arbitrary code via a crafted DNS No emergency upgrades, ever. response.” 1996: qmail 0.70. Some DNS buffer overflows “CVE-2008-0122: Off-by-one error in the 1997: qmail 1.00. inet network function in libbind in ISC “CVE-2008-2469: Heap-based buffer BIND 9.4.2 and earlier, as used in libc in 1998: qmail 1.03. overflow in the SPF dns resolv lookup FreeBSD 6.2 through 7.0-PRERELEASE, function in Spf dns resolv.c in libspf2 allows context-dependent attackers to 1999: djbdns (dnscache) 0.60. before 1.2.8 allows remote attackers to cause a denial of service (crash) and 2000: djbdns (dnscache) 1.00. execute arbitrary code via a long DNS possibly execute arbitrary code via crafted 2001: djbdns 1.05. TXT record with a modified length field.” input that triggers memory corruption.” “CVE-2008-2357: Stack-based buffer 2007: “Some thoughts on security “CVE-2007-2434: Buffer overflow in overflow in the split redraw function in asnsp.dll in Aventail Connect 4.1.2.13 after ten years of qmail 1.0.” split.c in mtr before 0.73, when invoked allows remote attackers to cause a denial with the -p (aka –split) option, allows of service (application crash) or execute remote attackers to execute arbitrary > 1000000 of the Internet’s arbitrary code via a malformed DNS code via a crafted DNS PTR record.” SMTP servers are running qmail. query.” “CVE-2008-0530: Buffer overflow in > 4000000 of the Internet’s “CVE-2007-2362: Multiple buffer Cisco Unified IP Phone 7940, 7940G, second-level *.com names overflows in MyDNS 1.1.0 allow remote 7960, and 7960G running SCCP and SIP attackers to (1) cause a denial of service are published by djbdns. firmware might allow remote attackers to (daemon crash) and possibly execute execute arbitrary code via a crafted DNS arbitrary code via a certain update, which No emergency upgrades, ever. response.” triggers a heap-based buffer overflow 1996: qmail 0.70. Some DNS buffer overflows “CVE-2008-0122: Off-by-one error in the 1997: qmail 1.00. inet network function in libbind in ISC “CVE-2008-2469: Heap-based buffer BIND 9.4.2 and earlier, as used in libc in 1998: qmail 1.03.
Load more

Recommended publications
  • Linux Networking Cookbook.Pdf
    Linux Networking Cookbook ™ Carla Schroder Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo Linux Networking Cookbook™ by Carla Schroder Copyright © 2008 O’Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or [email protected]. Editor: Mike Loukides Indexer: John Bickelhaupt Production Editor: Sumita Mukherji Cover Designer: Karen Montgomery Copyeditor: Derek Di Matteo Interior Designer: David Futato Proofreader: Sumita Mukherji Illustrator: Jessamyn Read Printing History: November 2007: First Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. The Cookbook series designations, Linux Networking Cookbook, the image of a female blacksmith, and related trade dress are trademarks of O’Reilly Media, Inc. Java™ is a trademark of Sun Microsystems, Inc. .NET is a registered trademark of Microsoft Corporation. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
    [Show full text]
  • Linux Server Security, 2Nd Edition Expertly Conveys to Administrators
    Linux Server Security, 2nd Edition By Michael D. Bauer Publisher: O'Reilly Pub Date: January 2005 ISBN: 0-596-00670-5 Pages: 542 Table of • Contents • Index • Reviews • Examples Linux Server Security, 2nd Edition expertly conveys to administrators and Reader developers the tricks of the trade that can help them avoid serious • Reviews security breaches. It covers both background theory and practical step-by- • Errata step instructions for protecting a server that runs Linux. Packed with • Academic examples, this must-have book lets the good guys stay one step ahead of potential adversaries. Linux Server Security, 2nd Edition By Michael D. Bauer Publisher: O'Reilly Pub Date: January 2005 ISBN: 0-596-00670-5 Pages: 542 Table of • Contents • Index • Reviews • Examples Reader • Reviews • Errata • Academic Copyright dedication Dedication Preface What This Book Is About The Paranoid Penguin Connection The Second Edition Audience What This Book Doesn't Cover Assumptions This Book Makes Organization of This Book Conventions Used in This Book Safari® Enabled How to Contact Us Using Code Examples Acknowledgments Chapter 1. Threat Modeling and Risk Management Section 1.1. Components of Risk Section 1.2. Simple Risk Analysis: ALEs Section 1.3. An Alternative: Attack Trees Section 1.4. Defenses Section 1.5. Conclusion Section 1.6. Resources Chapter 2. Designing Perimeter Networks Section 2.1. Some Terminology Section 2.2. Types of Firewall and DMZ Architectures Section 2.3. Deciding What Should Reside on the DMZ Section 2.4. Allocating Resources in the DMZ Section 2.5. The Firewall Chapter 3. Hardening Linux and Using iptables Section 3.1.
    [Show full text]
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb
    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae
    [Show full text]
  • Curriculum Vitae
    Curriculum Vitae Personal Contact Information Name: Georgi Georgiev Address: Dobrich, Maxim Gorki 5 Dobrich, Bulgaria Mobile: +359889085362 E-mail: [email protected] PROFESSIONAL CERTIFICATION Cisco CCNA2 certificate Management Game Certificate (Arnhem Business School) University education: 2006 - 2008 Studied 2 years in International University College – Dobrich, Bulgaria specialty of "International Business and Management". Currently I am graduating HRQM (Human Resources & Quality Management) student at “Arnhem Business School” The Netherlands. I'm looking for a company to start with my Graduation assignment which has to be in the field of Strategic Human Resources. Secondary School Education: Natural-Mathematics High School "Ivan Vazov", Dobrich Study Profile: Mathematics and Informatics with intensive learning of English Language Form of Education: by day, term of education 3 years Driving License: Category B Mobile: +359889085362 Georgi Dimitrov Georgiev Mail: [email protected] Personal Information Birth Date: 08.10.1983 Place of Birth: Dobrich, Bulgaria Citizenship: Dobrich Merital Status: Single Work Experience 23.05.2001 - 01.09.2002 - Windows and Linux Tech support at Internet Coffee Club in the town of Dobrich, Bulgaria Worked in a small Internet Coffee my task was to support the local Internet Router and Support user desktop stations running Windows 98, Windows XP, Mandrake Linux, Redhat Linux. 20.02.2003 - 25.03.2004 - remote Linux System Administrator at Internet Coffee Club located in the town of Radnevo, Bulgaria My job assignments there were to administrate remotely two Linux servers running different client services, like mail server (exim), linux firewall, samba server, apache 1.x webserver and also to help the IT personnel in the Internet club with maintenance advices.
    [Show full text]
  • The Qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 Pages)
    < Free Open Study > The qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 pages) This guide begins with a discussion of qmail s history, architecture and features, and then goes into a thorough investigation of the installation and configuration process. Table of Contents The qmail Handbook Introduction Ch apt - Introducing qmail er 1 Ch apt - Installing qmail er 2 Ch apt - Configuring qmail: The Basics er 3 Ch apt - Using qmail er 4 Ch apt - Managing qmail er 5 Ch apt - Troubleshooting qmail er 6 Ch apt - Configuring qmail: Advanced Options er 7 Ch apt - Controlling Junk Mail er 8 Ch apt - Managing Mailing Lists er 9 Ch apt - Serving Mailboxes er 10 Ch apt - Hosting Virtual Domain and Users er 11 Ch apt - Understanding Advanced Topics er 12 Ap pe ndi - How qmail Works x A Ap pe ndi - Related Packages x B Ap pe ndi - How Internet Mail Works x C Ap pe ndi - qmail Features x D Ap pe - Error Messages ndi x E Ap pe - Gotchas ndi x F Index List of Figures List of Tables List of Listings < Free Open Study > < Free Open Study > Back Cover • Provides thorough instruction for installing, configuring, and optimizing qmail • Includes coverage of secure networking, troubleshooting issues, and mailing list administration • Covers what system administrators want to know by concentrating on qmail issues relevant to daily operation • Includes instructions on how to filter spam before it reaches the client The qmail Handbook will guide system and mail administrators of all skill levels through installing, configuring, and maintaining the qmail server.
    [Show full text]
  • The Case of Ipv6 LLU Endpoint Address Support in DNS
    The case of IPv6 LLU endpoint address support in DNS Erwin Hoffmann Frankfurt University of Applied Sciences Faculty of Computer Science and Engineering January 12, 2020 Abstract The fehQlibs and djbdnscurve6 provide a DNS library which support IPv6 LLU endpoint addresses. The inclusion of IPv6 LLU endpoint addresses for DNS services is discussed and shown to be beneficial for particular use cases. Applications linked with this library allow user-specific DNS settings. Apart from binding to IPv6 LLU addresses and dual-stack usage, additionally ’reverse IPv6 anycasting’ is an achieved goal welcomed for IoT devices. 1 IPv6 in DNS There is no question that IPv6 LLU ad- dresses never can be object of any DNS The support of IPv6 addresses within DNS lookup; but could they be the acting subject Resource Records (RR) has been settled with of DNS resolver and perhaps a DNS server? RFC 3596 [30] taking only the Quad-A format Could the DNS query and also the response AAAA into consideration. The inverse nibble facilitate IPv6 LLU endpoint addresses? format for IPv6 addresses is also well defined. This questions will be investigated here and However, there is a significant gap applying a solution will be outlined using the DNS IPv6 addresses within the DNS, though RFC implementation ’djbdnscurve6’[14] together 4472 [5] clearly expels IPv6 Link-Local Unicast with the separate DNS stub resolver library (LLU) addresses as AAAA RRs in a zone file: available with ’fehQlibs’[10]. Both solutions are based on D.J. Bernstein’s developments [2] 2.1. Limited-Scope Addresses and are particular tailored for IPv6 support, The IPv6 addressing architecture including all required functions to deal with [RFC4291] includes two kinds of local- parsing and representation of IPv6 addresses, use addresses: link-local (fe80::/10) and which are partially taken from Felix von Leit- site-local (fec0::/10).
    [Show full text]
  • The IRONSIDES Project: Final Report
    197 The IRONSIDES Project: Final Report Barry S. Fagin and Martin C. Carlisle Dept of Computer Science, US Air Force Academy 80840 Tel: 1-719-333-3338; email: [email protected]. Abstract rigorous software design and provable security properties. The two most popular DNS servers, BIND and WINDNS, In a project intended to improve the security of have a large number of known security flaws, including internet software, the authors developed IRONSIDES: crashing in response to the injection of bad data and bugs A DNS server written in Ada/SPARK. Our long-term that permit remote execution [3], [4]. These are described goals were a) to show that a fully functional in more detail in the sections that follow. component of the internet software suite could be written with provably better security properties than 2 The IRONSIDES Project existing alternatives, b) to show that it could be done The authors believed many of the security problems with within the relatively modest re-sources available for a DNS servers, web servers, and other internet software research project at an undergraduate university, c) to could be avoided with the use of better programming tools, determine the suitability of Ada/SPARK for such a such as the use of different programming languages and project, and d) to compare the performance of the formal methods. They chose Ada and SPARK as an resulting software to existing alternatives and appropriate development environment to implement a determine to what extent, if any, the addition of provably secure DNS server from the ground up. provable security properties affects performance.
    [Show full text]
  • The LPIC-2 Exam Prep I
    The LPIC-2 Exam Prep i The LPIC-2 Exam Prep Copyright 2013 Snow B.V. The LPIC-2 Exam Prep ii Copyright © 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Snow B.V. Copyright 2013 Snow B.V. The LPIC-2 Exam Prep iii COLLABORATORS TITLE : The LPIC-2 Exam Prep ACTION NAME DATE SIGNATURE WRITTEN BY Heinrich W. 2010 Klöpping, Beno T.J. Mesman, Piet W. Plomp, Willem A. Schreuder, Ricky Latupeirissa, Patryck Winkelmolen, Many, many Snow B.V. colleagues for peer reviewing and authoring updates., Jos Jansen, and Joost Helberg REVISION HISTORY NUMBER DATE DESCRIPTION NAME Copyright 2013 Snow B.V. The LPIC-2 Exam Prep iv Contents 0 Capacity Planning (200) 1 0.1 Measure and Troubleshoot Resource Usage (200.1) . .1 0.1.1 iostat .....................................................2 0.1.2 vmstat ....................................................2 0.1.3 netstat ....................................................3 0.1.4 ps .......................................................4 0.1.5 pstree .....................................................5 0.1.6 w .......................................................5 0.1.7 lsof ......................................................5 0.1.8 free ......................................................6 0.1.9 top . .6 0.1.10 uptime ....................................................7 0.1.11 sar ......................................................7 0.1.12 Match / correlate system symptoms with likely problems . .8 0.1.13 Estimate throughput and identify bottlenecks in a system including networking . .8 0.2 Predict Future Resource Needs (200.2) . .8 0.2.1 ........................................................9 0.2.2 Predict future growth . .9 0.2.3 Resource Exhaustion . .9 0.3 Questions and answers . 10 1 Linux Kernel (201) 11 1.1 Kernel Components (201.1) . 11 1.1.1 Different types of kernel images .
    [Show full text]
  • Creating a Patch and Vulnerability Management Program
    Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated below). Archived Publication Series/Number: NIST Special Publication 800-40 Version 2.0 Title: Creating a Patch and Vulnerability Management Program Publication Date(s): November 2005 Withdrawal Date: July 2013 Withdrawal Note: SP 800-40 is superseded by the publication of SP 800-40 Revision 3 (July 2013). Superseding Publication(s) The attached publication has been superseded by the following publication(s): Series/Number: NIST Special Publication 800-40 Revision 3 Title: Guide to Enterprise Patch Management Technologies Author(s): Murugiah Souppaya, Karen Scarfone Publication Date(s): July 2013 URL/DOI: http://dx.doi.org/10.6028/NIST.SP.800-40r3 Additional Information (if applicable) Contact: Computer Security Division (Information Technology Lab) Latest revision of the SP 800-40 Revision 3 (as of June 19, 2015) attached publication: Related information: http://csrc.nist.gov/ Withdrawal SP 800-40 Version 2 provides basic guidance on establishing patch announcement (link): management programs, and guidance to organizations with legacy needs. Date updated: June Ϯϯ, 2015 Special Publication 800-40 Version 2.0 Creating a Patch and Vulnerability Management Program Recommendations of the National Institute of Standards and Technology (NIST) Peter Mell Tiffany Bergeron David Henning NIST Special Publication 800-40 Creating a Patch and Vulnerability Version 2.0 Management Program Recommendations of the National Institute of Standards and Technology Peter Mell Tiffany Bergeron David Henning C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 November 2005 U.S.
    [Show full text]
  • Seguridad En DNS
    Seguridad en DNS. Francisco José Bordes Romaguera Máster Interuniversitario en Seguridad de las Tecnologías de la Información y la Comunicación Seguridad empresarial Manuel Jesús Mendoza Flores Víctor García Font Domingo 22 de diciembre de 2019 i Esta obra está sujeta a una licencia de Reconocimiento-NoComercial- SinObraDerivada 3.0 España de Creative Commons ii FICHA DEL TRABAJO FINAL Título del trabajo: Seguridad en DNS Nombre del autor: Francisco José Bordes Romaguera Nombre del consultor/a: Manuel Jesús Mendoza Flores Nombre del PRA: Nombre y dos apellidos Fecha de entrega (mm/aaaa): 12/2019 Máster Interuniversitario en Seguridad de las Titulación: Tecnologías de la Información y la Comunicación Área del Trabajo Final: M1.849 - TFM-Seguridad empresarial aula 1 Idioma del trabajo: Español Palabras clave DNS, RPZ, malware, seguridad, ioc2rpz Resumen del Trabajo (máximo 250 palabras): Con la finalidad, contexto de aplicación, metodología, resultados i conclusiones del trabajo. Este trabajo expone una solución contra el acceso a dominios malintencionados que no requiere apenas cambios en cualquier infraestructura de red ya organizada. La solución de ioc2rpz permite gestionar de manera gráfica los dominios a los que queremos bloquear el acceso desde nuestra red a nivel de DNS y actualiza la configuración de nuestro servidor DNS. Los resultados del trabajo han sido que, sin propagar peticiones, nuestro servidor DNS devuelve respuestas NXDOMAIN a peticiones de dominios que hemos configurado en ioc2rpz que son maliciosos. Aplicar rpz nos permite proteger nuestra red de una manera proactiva y con pocos recursos dedicados a la gestión, aunque sí es necesario disponer de recursos destinados para el análisis e investigación.
    [Show full text]
  • How Qmail Works
    APPENDIX A How qmail Works You DON'T NEED TO UNDERSTAND how qmail works to install or use qmail. And you don't have to be an auto mechanic to operate a car or a watchmaker to tell time. Eut if you really want to master qmail, knowing exactly how it does what it does is crucial. Luckily, qmail's simple, modular design makes understanding how it works easy for a system as complex as a Mail Transfer Agent (MTA). This appendix takes a top-down approach: first looking at how the modules interact with each other, then looking at how each module does its job. High-Level Overview The grand division in qmail is between the modules that accept new messages and place them into the queue and the modules that deliver them from the queue. We'll call these functions receivingand sending. The separation between receiving and sending is complete: Either of these functions can be fully oper­ ational while the other is shut down. Figure A-l shows the high-level organization of qmail. Incoming Receiving Queue Sending Delivered Messages Messages Figure A -1. High-level qmail organization Receiving Messages enter the queue through two main routes: local injection using qmail-inject or sendmail and network injection using qmail-smtpd, qmail-qmtpd 417 AppendixA or qmail-qmqpd. Both ofthese routes use qmail-queue to actually inject their mes­ sages into the queue. Figure A-2 shows the organization ofthe receiving function. QMQP tcpserver QMTP tcpserver SMTP tcpserver Queue Local------------­ MUA Figure A-2. The receivingfunction Sending Messages are delivered from the queue through two main routes: local delivery using qma il-loca 1 and remote delivery using qma il-remote.
    [Show full text]
  • January/February 2021
    January/February 2021 Case Studies: n Tarsnap n Netflix n BALLY WULFF Also: FreeBSD for the Writing Scholar New Faces of FreeBSD Practical Ports ® LETTER J O U R N A L from the Foundation E d i t o r i a l B o a r d John Baldwin FreeBSD Developer and Chair of • FreeBSD Journal Editorial Board. Justin Gibbs Founder of the FreeBSD Foundation, • President of the FreeBSD Foundation, elcome 2021! and a Software Engineer at Facebook. Like many of you, the Foundation team Daichi Goto Director at BSD Consulting Inc. • (Tokyo). was pretty happy to see that clock strike Tom Jones FreeBSD Developer, Internet Engineer W Midnight on January 1, 2021. Last year will definitely • and Researcher at the University of Aberdeen. go down as one of the most memorable in the Dru Lavigne Author of BSD Hacks and • The Best of FreeBSD Basics. Foundation’s 20-year history. However, we’re happy Michael W Lucas Author of Absolute FreeBSD. to report it ended on a positive note. Thanks to your • Ed Maste Director of Project Development, generous support, the Foundation was able to raise • FreeBSD Foundation and Member of the FreeBSD Core Team. enough funds to not only continue our efforts to Kirk McKusick Treasurer of the FreeBSD Foundation support the FreeBSD Project, but also expand our • Board, and lead author of The Design and Implementation book series. software development and advocacy efforts in 2021. George V. Neville-Neil Director of the FreeBSD Foundation Board, • Member of the FreeBSD Core Team, and From new hires in the software development group co-author of The Design and Implementation to increased online content and greater focus on of the FreeBSD Operating System.
    [Show full text]