Blog Post

Deterring Amplification Attacks: Identification to Targeted Remediation

By Thomas Orthbandt

Posted on June 3, 2013 in: Security


Over the past few weeks we’ve been helping customers who’ve been experiencing unusual spikes in traffic on their resolvers. Data obtained using Vantio Real Time Visibility and querystore commands revealed a substantial increase in the number of ANY queries, in some cases hundreds of millions. Additional data showed the names being queried turned very small DNS questions into very large DNS answers. Both indicate a recent type of DDoS attack that leverages the DNS to amplify traffic and flood a target with it.


Blog Post

Nominum Active at TM Forum's Management World

By Thomas Orthbandt

Posted on May 13, 2013 in: Marketing, Network, Security


Nominum, the provider of the N2, an open and scalable network-based service delivery platform for communication service providers (CSPs), joined the influential global industry body, TM Forum. Nominum is helping the world’s leading CSPs offer personalized, secure connected experiences that enhance the overall customer experience. Nominum’s N2 platform allows CSPs to leverage customer behavior data and network assets to deliver the next generation in customer experience. Using the platform, CSPs can use intelligent policy management, advanced notification and action tools to increase brand loyalty, and monetize new tools and services.


Blog Post

Reducing the Risks of BYOD with Nominum’s Security Solution

By Thomas Orthbandt

Posted on February 5, 2013 in: Security


In previous posts, Pat discussed the risks associated with BYOD, and a DNS-based approach for reducing those risks. Essentially this approach consisted of making use of an enterprise’s caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. Finding these C&C domains is something Nominum does quite well.


Blog Post

Reducing the Risks of BYOD with DNS-based Security Intelligence; Part 2: Taking Control

By Thomas Orthbandt

Posted on January 29, 2013 in: Security


In part 1, I talked about some of the risks associated with BYOD. But there are actions you can take to greatly reduce this risk. One effective method for limiting the risk of BYOD is to employ DNS-based security intelligence techniques. DNS-based security intelligence makes use of an enterprise’s caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. These domains are the domain names of the servers that are in the control of the bot master for purposes of botnet command and control. Bots will perform a DNS query for one or more of these domains in an attempt to connect to these servers in order to receive their instructions. By monitoring queries to these domains, all infected clients, including BYOD, can be identified on the network. Moreover, by subsequently blocking access to the domains, malware responsible for the bot infection is denied the critical instructions it needs to function.


Blog Post

A Win Win in the Malware Battle

By Thomas Orthbandt


Posted on October 11, 2012 in: Security


Last month Microsoft led an effort to take control of a domain – 3322.org – in order to disrupt more than 500 different strains of malware affecting millions of innocent people around the world. Using a surgical approach implemented with software from Nominum, Microsoft was able to sinkhole traffic to malware subdomains hosted on 3322.org without impacting queries to legitimate subdomains. Numerous articles covered the effort; some of the better ones are below:


Blog Post

The Future is Now

By Thomas Orthbandt


Posted on October 3, 2012 in: Security

One of the challenges network operators face is responding quickly to market requirements. Agility is the new normal; competitive leadership is based on moving quickly. But progress can be slowed by the disparate interests of marketing or business teams, and technical or operational teams. Marketing can spot trends and identify new services, but it can be difficult to get them implemented quickly in the network when stability is rightfully paramount.


Blog Post

High Performance DNS Needs High Performance Security

By Thomas Orthbandt


Posted on June 28, 2012 in: Network, Security


There’s been a lot of emphasis on DNS performance lately because faster DNS contributes directly to a better user experience. There’s an interesting flipside to DNS performance though: higher performance DNS servers may be better targets for cache poisoning attacks. Faster servers give attackers more opportunities to insert fake entries into the DNS – speed can kill (or at least inflict a nasty wound!) so it’s important to understand the security implications if you’re looking to upgrade DNS performance.