DOCSLIB.ORG

Watchguard Security Report 2017 Q1

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Internet Security Report QUARTER 1, 2017 Contents Contents The Firebox® Feed provides 03 Introduction quantifiable data and trends 04 Executive Summary about hackers’ latest attacks, and 05 Firebox Feed Statistics understanding these trends can 07 Malware Trends help us improve our defenses. 08 Quarter-over-Quarter Malware Comparison 08 Malicious JavaScript Still Menaces 09 A Rise in Linux Malware 11 Evil Cross-platform Java Malware 11 Old Attacks: Malicious Perl Bot 12 A Pair of Generic Windows Trojans 12 Malicious Macros Hide in the Weeds 13 Geographic Malware Distribution 14 Zero Day vs Known Malware 15 Network Attack Trends 15 Top Network Attacks 16 Quarter-over-Quater Attack Comparison A B 16 Web Battleground Shifts to Servers 16 Web Application Attacks Move Up Reset A B 17 StageFright Returns to the Spotlight Reset 18 Geographic Attack Distribution 20 Firebox Feed Statistics: Defense Learnings 20 Malicious JavaScript in Email 20 Web-based Linux Malware 20 Brazilian Banking Malware Campaign 21 Top Security Incidents 22 The CIA Vault 7 Leaks 25 Marble Framework Defense Learnings 26 WatchGuard Threat Lab’s IoT Research Project 27 Responsible Disclosure: Ouvis C2 HD Security Camera 31 IoT Research: Defensive Learnings 32 Conclusion & Defense Highlights Internet Security Report: Q1 2017 • 2 Introduction The report for Q1 2017 Introduction includes: Have you ever wondered what Many trends and discoveries from types of cyber attacks affect small 05 the Firebox Feed to midsize businesses (SMBs) and What types of malware do we catch most often in the wild? Which network services do distributed enterprises (DEs)? Well, attackers commonly target? What are the you’ve come to the right place. most popular attacks in different regions of the world? Which delivery mechanisms do cyber WatchGuard’s Internet Security Report is based on criminals most regularly rely on? You can learn Firebox Feed data coming from more than 26,000 all this and more in our Firebox Feed Statistics unified threat management (UTM) appliances that section. are monitoring and protecting SMBs and distributed enterprises around the world. This data gives us Top Story: CIA Vault 7 leaks Every quarter, you’re flooded with interesting insights into what types of network exploits, malware 11 and relevant information, security stories and infections, and advanced attacks are launched by incidents. Some of them can have industry- cyber criminals every month, and how they change wide effects. This quarter our researchers and update their attacks over time. We share these comment on the CIA Vault 7 leak from Q1 2016 trends and insights with you every quarter in our and share some additional technical analysis Internet Security Report. you didn’t see in the news. Latest Internet of Things (IoT) 22 research The WatchGuard Threat Lab constantly runs security research projects to study the threats and issues affecting businesses today. For the last few quarters, our researchers have been analyzing the security of consumer IoT devices. This quarter we disclose a vulnerability we found in the Ouvic C2 HD Security Camera. Most importantly, defensive learnings 33 While some might consider the threat landscape interesting on anecdotal merit alone, you can put these trends and learnings to good use. We share these trends and findings so that you can cater your defenses to the latest attacks. We share various protective tips throughout this report, and summarize with our top learnings. We’re excited to share our second report based on data analysis from our Firebox Feed, and our additional re- search projects. We believe this quantifiable data gives us a deeper insight into the most prevalent threats our customers face and how cyber criminals craft their latest attacks. Our quarter-over-quarter analysis also shows how attackers evolve their techniques and focuses over time. We hope this report provides useful information, and you make it a regular part of your InfoSec awareness and training. Thanks for joining us this quarter, and read on for our latest threat landscape findings. Internet Security Report: Q1 2017 • 3 Summary Executive Summary Even when malware declines, other attacks rise. Consumers and businesses are under the constant deluge of network attacks, phishing, and malware. Criminals target Brazilian banks, nation-states anonymize their tools, and advanced threats get past legacy defenses. If you want to keep your business online, you need to stay vigilant against these attack trends so you can identify defenses for them. This report provides some details around those and other trends. Here’s a high-level summary of some of the things you’ll learn from this report: • Linux malware is on the rise, making up 36% of the top malware we detected in Q1 (if you count PERL/Shellbot). We believe this increase comes from attackers targeting IoT devices. • Legacy AV missed 38% of malware. In Q4, signature-based AV missed 30% of the threats we caught overall. This quarter, those misses increased 8% despite a general decline in malware detection overall. This means increasingly more malware evades traditional AV solutions. • Threat actors take a break from hacking the holidays. Overall, threat volume decreased 52% in Q1 2017 compared to Q4 2016. We believe the drop in malware detections can be attributed to the absence of seasonal malware campaigns associated with various Q4 holidays, which increased overall malware instances during that period. • Conversely, network attacks are up 37% compared to Q4, likely due to automated tools that always look for new victims. • The web battleground shifted towards web servers. Last quarter, we saw more exploits that were used for drive-by downloads (web client attacks). In Q1, 82% of the top network attacks targeted web servers (or other web-based services). • Our top ten XSS attack primarily targeted Spain. We aren’t sure why this particular cross-site scripting exploit was popular in Spain, but it was. • Attackers still exploit the Android StageFright flaw. A mobile device vulnerability cracked our top ten attack list this quarter, breaking the previously unchallenged web attack theme. • Criminals target Brazilian banks with cross-platform malware. We detected a large amount of email- based Java malware sent to victims in Brazil. We suspect this is part of the well-known Banloader banking malware campaign. Those are just a few of the many trends this report explores. Read on for more in-depth explanations and 7,072,178 In Q1, 2017 malware variants WatchGuard (266 per device)* blocked over 4,151,210 malware variants (156 per device)* * average per participating device Internet Security Report: Q1 2017 • 4 Firebox Feed Statistics Internet Security Report: Q1 2017 • 5 Firebox Feed Statistics Firebox Feed Statistics The threat landscape does not stand still. Cyber criminals constantly change their tools, tactics, and campaigns to exploit the most opportune attack techniques of the time. Savvy attackers pay attention to seasonal events, pop culture, and other technological trends to leverage the latest tricks to hack more victims. To keep up your defenses, you must remain aware of the latest threat trends. Using this report, you can fine-tune your defenses to block the latest threats. WatchGuard’s Firebox Feed provides quantifiable The Firefox Feed currently only captures data data about the latest malware and network attacks from a fraction of our customers, since it relies globally. The feed is a database of anonymized on customers running the latest versions of our threat data gathered from tens of thousands of firmware. However, with information from over active Fireboxes around the globe. It records the 26,000 devices, the Firebox Feed provides a statistically relevant view into today’s threats. latest malware from our Gateway AntiVirus (GAV) and APT Blocker services, and it archives the most This section of the report highlights the malware and prevalent network attacks blocked by our Intrusion network attack trends our Firebox Feed uncovered in Prevention Service (IPS) service. It also records Q1 2017. Here we share our analysis of these trends, location data to learn how different threats affect and provide defense tips that help you avoid the different geographic regions. It doesn’t, however, latest malware and attacks. capture any sensitive data about our customers’ networks or configurations, and allows customers to optout of this feed whenever they like. The information from over 26,000 devices, the Firebox feed provides a statistically relevant view into today’s threats. This section of the report highlights the malware and network attack trends our Firebox Feed uncovered in Q1 2017. Here we share our analysis of these trends, and provide defense tips that help you avoid the latest malware and attacks. Internet Security Report: Q1 2017 • 6 Firebox Feed Statistics Malware Trends Most cyber attacks involve malware. After breaching your network, criminals usually want to establish “persistence,” meaning they want to find a way to retain access to your computer and network. Typically, they install malware to retain this persistence. This section details the malware-specific trends from our Q1 2017 data. Let’s start with the raw Q1 2017 numbers: • The Firebox Feed recorded threat data from Our malware data comes from two 26,584 active Fireboxes; a 7.7% increase in Firebox services: devices reporting in Q4 2016. • The basic Gateway AntiVirus (GAV) service, • Our GAV service blocked 7,072,178 malware which uses signatures and static heuristics to variants; representing an average of 266 malware catch known malware. samples blocked per Firebox. This represents a • APT Blocker, our advanced malware prevention 52% decline in overall malware compared to last service, which uses behavior detection to catch quarter, and a 56% decline in malware blocked new or “zero day” malware. per Firebox. • APT Blocker stopped an additional 2,568,727 malware variants; representing a 34% decline Figure 1: Top Ten Firebox GAV Hits for Q1 2017 from last quarter.
Recommended publications
  • BSD – Alternativen Zu Linux

    BSD – Alternativen Zu Linux

    ∗BSD { Alternativen zu Linux Karl Lockhoff March 19, 2015 Inhaltsverzeichnis I Woher kommt BSD? I Was ist BSD? I Was ist sind die Unterschiede zwischen FreeBSD, NetBSD und OpenBSD? I Warum soll ich *BSD statt Linux einsetzen? I Chuck Haley und Bill Joy entwickeln den vi in Berkeley I Bill Joy erstellt eine Sammlung von Tools, 1BSD I Unix Version 7 erscheint I 2BSD erscheint (Basis f¨urdie Weiterentwicklung PDP-11) I 3BSD erscheint (erstmalig mit einen eigenen Kernel) I 4BSD erscheint (enth¨altdas fast file system (ffs)) I Bill Joy wechselt zu Sun Microsystems I Kirk McKusick ¨ubernimmt die Entwicklung von BSD I 1978 I 1979 I 1980 I 1981 Woher kommt BSD? I 1976 I Unix Version 6 erscheint I 2BSD erscheint (Basis f¨urdie Weiterentwicklung PDP-11) I 3BSD erscheint (erstmalig mit einen eigenen Kernel) I 4BSD erscheint (enth¨altdas fast file system (ffs)) I Bill Joy wechselt zu Sun Microsystems I Kirk McKusick ¨ubernimmt die Entwicklung von BSD I Bill Joy erstellt eine Sammlung von Tools, 1BSD I Unix Version 7 erscheint I 1979 I 1980 I 1981 Woher kommt BSD? I 1976 I Unix Version 6 erscheint I 1978 I Chuck Haley und Bill Joy entwickeln den vi in Berkeley I 2BSD erscheint (Basis f¨urdie Weiterentwicklung PDP-11) I 3BSD erscheint (erstmalig mit einen eigenen Kernel) I 4BSD erscheint (enth¨altdas fast file system (ffs)) I Bill Joy wechselt zu Sun Microsystems I Kirk McKusick ¨ubernimmt die Entwicklung von BSD I Unix Version 7 erscheint I 1979 I 1980 I 1981 Woher kommt BSD? I 1976 I Unix Version 6 erscheint I 1978 I Chuck Haley und Bill Joy entwickeln den
  • Mac OS X Server

    Mac OS X Server

    Mac OS X Server Version 10.4 Technology Overview August 2006 Technology Overview 2 Mac OS X Server Contents Page 3 Introduction Page 5 New in Version 10.4 Page 7 Operating System Fundamentals UNIX-Based Foundation 64-Bit Computing Advanced BSD Networking Architecture Robust Security Directory Integration High Availability Page 10 Integrated Management Tools Server Admin Workgroup Manager Page 14 Service Deployment and Administration Open Directory Server File and Print Services Mail Services Web Hosting Enterprise Applications Media Streaming iChat Server Software Update Server NetBoot and NetInstall Networking and VPN Distributed Computing Page 29 Product Details Page 31 Open Source Projects Page 35 Additional Resources Technology Overview 3 Mac OS X Server Introduction Mac OS X Server version 10.4 Tiger gives you everything you need to manage servers in a mixed-platform environment and to con gure, deploy, and manage powerful network services. Featuring the renowned Mac OS X interface, Mac OS X Server streamlines your management tasks with applications and utilities that are robust yet easy to use. Apple’s award-winning server software brings people and data together in innovative ways. Whether you want to empower users with instant messaging and blogging, gain greater control over email, reduce the cost and hassle of updating software, or build your own distributed supercomputer, Mac OS X Server v10.4 has the tools you need. The Universal release of Mac OS X Server runs on both Intel- and PowerPC-based The power and simplicity of Mac OS X Server are a re ection of Apple’s operating sys- Mac desktop and Xserve systems.
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb

    Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb

    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae
  • Eyeglass Search OSS Licenses and Packages V9

    Eyeglass Search OSS Licenses and Packages V9

    ECA 15.1 opensuse https://en.opensuse.org/openSUSE:License Package Licence Name Version Type Key Licence Name opensuse 15.1 OS annogen:annogen 0.1.0 JAR Not Found antlr:antlr 2.7.7 JAR BSD Berkeley Software Distribution (BSD) aopalliance:aopalliance 1 JAR Public DomainPublic Domain asm:asm 3.1 JAR Not Found axis:axis 1.4 JAR Apache-2.0 The Apache Software License, Version 2.0 axis:axis-wsdl4j 1.5.1 JAR Not Found backport-util-concurrent:backport-util-concurrent3.1 JAR Public DomainPublic Domain com.amazonaws:aws-java-sdk 1.1.7.1 JAR Apache-2.0 The Apache Software License, Version 2.0 com.beust:jcommander 1.72 JAR Apache-2.0 The Apache Software License, Version 2.0 com.carrotsearch:hppc 0.6.0 JAR Apache-2.0 The Apache Software License, Version 2.0 com.clearspring.analytics:stream 2.7.0 JAR Apache-2.0 The Apache Software License, Version 2.0 com.drewnoakes:metadata-extractor 2.4.0-beta-1JAR Public DomainPublic Domain com.esotericsoftware:kryo-shaded 3.0.3 JAR BSD Berkeley Software Distribution (BSD) com.esotericsoftware:minlog 1.3.0 JAR BSD Berkeley Software Distribution (BSD) com.fasterxml.jackson.core:jackson-annotations2.6.1 JAR Apache-2.0 The Apache Software License, Version 2.0 com.fasterxml.jackson.core:jackson-annotations2.5.0 JAR Apache-2.0 The Apache Software License, Version 2.0 com.fasterxml.jackson.core:jackson-annotations2.2.0 JAR Apache-2.0 The Apache Software License, Version 2.0 com.fasterxml.jackson.core:jackson-annotations2.9.0 JAR Apache-2.0 The Apache Software License, Version 2.0 com.fasterxml.jackson.core:jackson-annotations2.6.0
  • Wind River Linux Release Notes, 5.0.1

    Wind River Linux Release Notes, 5.0.1

    Wind River Linux Release Notes, 5.0.1 Wind River® Linux RELEASE NOTES 5.0.1 Copyright © 2013 Wind River Systems, Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means without the prior written permission of Wind River Systems, Inc. Wind River, Tornado, and VxWorks are registered trademarks of Wind River Systems, Inc. The Wind River logo is a trademark of Wind River Systems, Inc. Any third-party trademarks referenced are the property of their respective owners. For further information regarding Wind River trademarks, please see: www.windriver.com/company/terms/trademark.html This product may include software licensed to Wind River by third parties. Relevant notices (if any) are provided in your product installation at one of the following locations: installDir/product_name/3rd_party_licensor_notice.pdf installDir/legal-notices/ Wind River may refer to third-party documentation by listing publications or providing links to third-party Web sites for informational purposes. Wind River accepts no responsibility for the information provided in such third-party documentation. Corporate Headquarters Wind River 500 Wind River Way Alameda, CA 94501-1153 U.S.A. Toll free (U.S.A.): 800-545-WIND Telephone: 510-748-4100 Facsimile: 510-749-2010 For additional contact information, see the Wind River Web site: www.windriver.com For information on how to contact Customer Support, see: www.windriver.com/support Wind River Linux Release Notes 5.0.1 4 Apr 13 Contents 1 Overview ...................................................................................................... 1 1.1 Introduction ...................................................................................................................... 1 1.2 Navigating these Release Notes ................................................................................... 1 1.3 Features ............................................................................................................................
  • The Pkgsrc Guide

    The Pkgsrc Guide

    The pkgsrc guide Documentation on the NetBSD packages system (2021/01/02) Alistair Crooks [email protected] Hubert Feyrer [email protected] The pkgsrc Developers The pkgsrc guide: Documentation on the NetBSD packages system by Alistair Crooks, Hubert Feyrer, The pkgsrc Developers Published 2021/01/02 08:32:15 Copyright © 1994-2021 The NetBSD Foundation, Inc pkgsrc is a centralized package management system for Unix-like operating systems. This guide provides information for users and developers of pkgsrc. It covers installation of binary and source packages, creation of binary and source packages and a high-level overview about the infrastructure. Table of Contents 1. What is pkgsrc?......................................................................................................................................1 1.1. Introduction.................................................................................................................................1 1.1.1. Why pkgsrc?...................................................................................................................1 1.1.2. Supported platforms.......................................................................................................2 1.2. Overview.....................................................................................................................................3 1.3. Terminology................................................................................................................................4 1.3.1. Roles involved in pkgsrc.................................................................................................4
  • Open Source Used in Cisco WDR IP Cameras Release 2.7.1

    Open Source Used in Cisco WDR IP Cameras Release 2.7.1

    Open Source Used In Cisco WDR IP Cameras Release 2.7.1 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. Text Part Number: 78EE117C99-92936773 Open Source Used In Cisco WDR IP Cameras Release 2.7.1 1 This document contains licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of any source code to which you may be entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License), please contact us at [email protected]. In your requests please include the following reference number 78EE117C99-92936773 Contents 1.1 alsa-lib 1.0.28 :2.el7 1.1.1 Available under license 1.2 base64 0.00.00B 1.2.1 Available under license 1.3 bridge-utils 1.2 1.3.1 Available under license 1.4 busybox 1.12.4 1.4.1 Available under license 1.5 cmake 2.8 1.5.1 Available under license 1.6 cron 1.0 1.6.1 Available under license 1.7 curl 7.30.0 1.7.1 Available under license 1.8 dhcpv6 20051211 1.8.1 Available under license 1.9 dibbler 0.8.4 1.9.1 Available under license 1.10 e2fsprogs 1.42.8 1.10.1 Available under license 1.11 ebtables 2.0.8-2 1.11.1 Available under license 1.12 eventlog 0.2.5 1.12.1 Available under license 1.13 fcgi 2.4.1 1.13.1 Available under license Open Source Used In Cisco WDR IP Cameras Release 2.7.1 2 1.14 fetchmail 6.3.8
  • Building and Installing Glibc

    Building and Installing Glibc

    APPENDIX A Building and Installing Glibc THE GNU C LIBRARY, popularly known as Glibc, is the unseen force that makes GCC, most C language applications compiled with GCC on Linux systems, and all GNU /Linux systems themselves work. Any code library provides a set of func­ tions that simplify writing certain types of applications. In the case of the GNU C library, the applications facilitated by Glibc are any C programming language applications. The functions provided by Glibc range from functions as funda­ mental to C as printf () all the way to Portable Operating System Interface for Computer Environments (POSIX) functions for opening low-level network con­ nections (more about the latter later). Rebuilding and changing the library on which almost every GNU /Linux appli­ cation depends can be an intimidating thought. Luckily, it is not as problematic or complex as you might think. This chapter explains how to obtain, build, and install newer versions of the GNU C library, discusses problems that you might encounter, and also explains how to work around those problems in order to get your system(s) up and running with newer or alternate versions of the GNU C library that may be present by default on the system(s) that you are using. NOTE The most important requirement for upgrading Glibc on your system is having sufficient disk space to download and build the source code, back up files that you want to preserve in case you encounter upgrade problems, and install the new version ofGlibc. You should make sure that your system has approximately 200MB offree space in order to build and install Glibc.
  • Introduction to Webdav BSD 11/2010

    Introduction to Webdav BSD 11/2010

    CONTENTS Contents Dear Readers! Some of you might have been concerned about our Editor in Chief: magazine, but I wish to assure everyone that we are Zbigniew Puchciński still in the game, and staying in it for good. [email protected] Contributing: Rob Somerville,Daniele Mazzocchio, Rashid N. Achilov, Joseba In this month’s issue we start with second part of Mendez, Laura Michaels Drupal article, then �nd lots of practical advice Lukas Holt, Caryn Holt, Laura Michaels regarding fx. backing up a laptop, or upgrading Special thanks to: FreeBSD with less effort. In main topic Ivan Marko Milenovic, Worth Bishop and Mike Bybee „Rambius” Ivanov will present basics of WebDAV to Art Director: us. Ireneusz Pogroszewski DTP: I hope you will �nd this issue to be both interesting Ireneusz Pogroszewski and helpful. And as always – if you have any Senior Consultant/Publisher: comments or inputs, or you think you could Paweł Marciniak [email protected] contribute to our magazine, please mail us. National Sales Manager: Ewa Łozowicka [email protected] I would also like to take this opportunity to wish Marketing Director: you all a merry christmas and happy new year. And Ewa Łozowicka many presents of course. :) [email protected] Executive Ad Consultant: Thank you! Karolina Lesińska [email protected] Advertising Sales: Zbigniew Puchciński Zbigniew Puchciński Editor in Chief [email protected] [email protected] Publisher : Software Press Sp. z o.o. SK ul. Bokserska 1, 02-682 Warszawa Poland worldwide publishing tel: 1 917 338 36 31 www.bsdmag.org Software Press Sp z o.o.
  • Secure Content Distribution Using Untrusted Servers Kevin Fu

    Secure Content Distribution Using Untrusted Servers Kevin Fu

    Secure content distribution using untrusted servers Kevin Fu MIT Computer Science and Artificial Intelligence Lab in collaboration with M. Frans Kaashoek (MIT), Mahesh Kallahalla (DoCoMo Labs), Seny Kamara (JHU), Yoshi Kohno (UCSD), David Mazières (NYU), Raj Rajagopalan (HP Labs), Ron Rivest (MIT), Ram Swaminathan (HP Labs) For Peter Szolovits slide #1 January-April 2005 How do we distribute content? For Peter Szolovits slide #2 January-April 2005 We pay services For Peter Szolovits slide #3 January-April 2005 We coerce friends For Peter Szolovits slide #4 January-April 2005 We coerce friends For Peter Szolovits slide #4 January-April 2005 We enlist volunteers For Peter Szolovits slide #5 January-April 2005 Fast content distribution, so what’s left? • Clients want ◦ Authenticated content ◦ Example: software updates, virus scanners • Publishers want ◦ Access control ◦ Example: online newspapers But what if • Servers are untrusted • Malicious parties control the network For Peter Szolovits slide #6 January-April 2005 Taxonomy of content Content Many-writer Single-writer General purpose file systems Many-reader Single-reader Content distribution Personal storage Public Private For Peter Szolovits slide #7 January-April 2005 Framework • Publishers write➜ content, manage keys • Clients read/verify➜ content, trust publisher • Untrusted servers replicate➜ content • File system protects➜ data and metadata For Peter Szolovits slide #8 January-April 2005 Contributions • Authenticated content distribution SFSRO➜ ◦ Self-certifying File System Read-Only
  • Copy of Eyeglass/Search OSS Licenses and Packages

    Copy of Eyeglass/Search OSS Licenses and Packages

    <!DOCTYPE HTMLmoduleUrl PUBLIC "-//W3C//DTDmoduleLicense HTML 3.2moduleLicenseUrl Final//EN"> <html> http://findbugs.sourceforge.net/The Apache Softwarehttp://www.apache.org/licenses/LICENSE-2.0.txt License, Version 2.0 <head><meta name="robots" content="noindex"Apache 2.0 /> http://www.apache.org/licenses/LICENSE-2.0.txt <title>Index of beta-eca-misc/ECA/2.5.7/21081/Licences-lp15.2</title>https://github.com/google/guava/The Apache Softwarehttp://www.apache.org/licenses/LICENSE-2.0.txt License, Version 2.0 </head> https://github.com/google/j2objc/The Apache Softwarehttp://www.apache.org/licenses/LICENSE-2.0.txt License, Version 2.0 <body> http://code.google.com/p/concurrentlinkedhashmapThe Apache Softwarehttp://www.apache.org/licenses/LICENSE-2.0.txt License, Version 2.0 <h1>Index of beta-eca-misc/ECA/2.5.7/21081/Licences-lp15.2</h1>Apache 2 http://www.apache.org/licenses/LICENSE-2.0.txt <pre>Name Last modified Apache Size</pre><hr/> 2 http://www.apache.org/licenses/LICENSE-2.0.txt <pre><a href="../">../</a> Apache 2 http://www.apache.org/licenses/LICENSE-2.0.txt <a href="eca-control.csv">eca-control.csv</a>Apache 2 13-Apr-2021http://www.apache.org/licenses/LICENSE-2.0.txt 14:28 5.50 KB <a href="licenses.csv">licenses.csv</a>http://www.oracle.com/CDDL+GPL 13-Apr-2021 Licensehttp://glassfish.java.net/public/CDDL+GPL_1_1.html 14:35 221.50 KB <a href="rda.csv">rda.csv</a>http://www.oracle.com/ CDDL+GPL 13-Apr-2021 License 14:28http://glassfish.java.net/public/CDDL+GPL_1_1.html 52.12 KB <a href="serv-appl.csv">serv-appl.csv</a>http://commons.apache.org/lang/The
  • Title, Modify

    Title, Modify

    Developing Customer Edge Switching Test Framework Erkki Laite School of Electrical Engineering Thesis submitted for examination for the degree of Master of Science in Technology. Espoo 18.04.2017 Thesis supervisors: Prof. Raimo Kantola Thesis advisor: M.Sc. Hammad Kabir aalto university abstract of the school of electrical engineering master’s thesis Author: Erkki Laite Title: Developing Customer Edge Switching Test Framework Date: 18.04.2017 Language: English Number of pages: 10+75 Department of Communications and Networking Professorship: Communications Engineering Supervisor: Prof. Raimo Kantola Advisor: M.Sc. Hammad Kabir Customer Edge Switching (CES) and Realm Gateway (RGW) are technologies designed to solve core challenges of the modern Internet. Challenges include the ever increasing amount of devices connected to the Internet and risks created by malicious parties. CES and RGW leverage existing technologies like Domain Name System (DNS). Software testing is critical for ensuring correctness of software. It aims to ensure that products and protocols operate correctly. Testing also aims to find any critical vulnerabilities in the products. Fuzz testing is a field of software testing allowing automatic iteration of unexpected inputs. In this thesis work we evaluate two CES versions in performance, in susceptibility of Denial of Service (DoS) and in weaknesses related to use of DNS. Performance is an important metric for switches. Denial of Service is a very common attack vector and use of DNS in new ways requires critical evaluation. The performance of the old version was sufficient. Some clear issues were found. The version was vulnerable against DoS. Oversights in DNS operation were found. The new version shows improvement over the old one.