1) Edward Lewis discusses using the Regional Internet Registry (RIR) WhoIs databases to reach out to autonomous system (AS) operators with an important operational message from ICANN.
2) They had doubts it would work due to concerns about spamming, but contacted nearly 16,000 ASs anyway with few complaints.
3) The talk highlights issues with RIR WhoIs data like a lack of standard formats and fields that made the process challenging but also suggests how the new RDAP system could help improve coordination.
2nd ICANN APAC-TWNIC Engagement Forum: DNS OblivionAPNIC
APNIC Chief Scientist Geoff Huston gives an overview of the complex many-layered model of DNS security, and a new emerging world of choices for protecting traffic, hiding queries, and the future trends in ISP provided, and independent third-party DNS services at the 2nd ICANN APAC-TWNIC Engagement Forum, held from 15 to 16 April 2021.
APNIC Product Manager, Registry Services George Michaelson present on why RPKI really matters at the 2nd ICANN APAC-TWNIC Engagement Forum, held from 15 to 16 April 2021.
PacNOG 29: Routing security is more than RPKIAPNIC
APNIC Chief Scientist presented on how much more there is to routing security than just RPKI at PacNOG 29, held online from 29 November to 9 December 2021.
DNS-OARC-36: Measurement of DNSSEC Validation with RSA-4096APNIC
APNIC Chief Scientist Geoff Huston presents on why using larger keys for RSA in the context of DNSSEC impairs the robustness of DNSSEC validation for the signed name at DNS-OARC 36, held online from 29 to 30 November 2021.
2nd ICANN APAC-TWNIC Engagement Forum: DNS OblivionAPNIC
APNIC Chief Scientist Geoff Huston gives an overview of the complex many-layered model of DNS security, and a new emerging world of choices for protecting traffic, hiding queries, and the future trends in ISP provided, and independent third-party DNS services at the 2nd ICANN APAC-TWNIC Engagement Forum, held from 15 to 16 April 2021.
APNIC Product Manager, Registry Services George Michaelson present on why RPKI really matters at the 2nd ICANN APAC-TWNIC Engagement Forum, held from 15 to 16 April 2021.
PacNOG 29: Routing security is more than RPKIAPNIC
APNIC Chief Scientist presented on how much more there is to routing security than just RPKI at PacNOG 29, held online from 29 November to 9 December 2021.
DNS-OARC-36: Measurement of DNSSEC Validation with RSA-4096APNIC
APNIC Chief Scientist Geoff Huston presents on why using larger keys for RSA in the context of DNSSEC impairs the robustness of DNSSEC validation for the signed name at DNS-OARC 36, held online from 29 to 30 November 2021.
APNIC Chief Scientist Geoff Huston and João Damas present on metrics on DNS centrality, focusing their research on resolvers at RIPE 82, held online from 17 to 21 May 2021.
ICANN DNS Symposium 2021: Measuring Recursive Resolver CentralityAPNIC
APNIC Chief Scientist Geoff Huston and João Damas presented metrics on DNS centrality, focusing their research on resolvers at the ICANN DNS Symposium 2021, held online from 25 to 27 May 2021.
bdNOG 7 - Re-engineering the DNS - one resolver at a timeAPNIC
APNIC Director General, Paul Wilson, talks about APNIC's support of updates to BIND to implement caching of NSEC responses to reduce root server query load.
Learn to recognize the many ways in which attackers can tamper with DNS servers and records, and the measures you can take to prevent this.
See the full webinar and the rest of the series at https://www.thousandeyes.com/resources/monitoring-for-dns-security-webinar
A constructive review of in network caching a core functionality of icn slidesAnshuman Kalla
In-Network Caching in Information Centric Networking (ICN) with Content Centric Networking (CCN) as key design architecture. Aim is to make an exhaustive review of work related to in-network caching in ICN.
This presentation is a tutorial intro to DANE (DNS Authentication of Named Entities). It describes the root problem, a possible solution using DANE, and briefly shows how you can starting using DANE and TLSA records yourself.
APNIC Chief Scientist Geoff Huston and João Damas present on metrics on DNS centrality, focusing their research on resolvers at RIPE 82, held online from 17 to 21 May 2021.
ICANN DNS Symposium 2021: Measuring Recursive Resolver CentralityAPNIC
APNIC Chief Scientist Geoff Huston and João Damas presented metrics on DNS centrality, focusing their research on resolvers at the ICANN DNS Symposium 2021, held online from 25 to 27 May 2021.
bdNOG 7 - Re-engineering the DNS - one resolver at a timeAPNIC
APNIC Director General, Paul Wilson, talks about APNIC's support of updates to BIND to implement caching of NSEC responses to reduce root server query load.
Learn to recognize the many ways in which attackers can tamper with DNS servers and records, and the measures you can take to prevent this.
See the full webinar and the rest of the series at https://www.thousandeyes.com/resources/monitoring-for-dns-security-webinar
A constructive review of in network caching a core functionality of icn slidesAnshuman Kalla
In-Network Caching in Information Centric Networking (ICN) with Content Centric Networking (CCN) as key design architecture. Aim is to make an exhaustive review of work related to in-network caching in ICN.
This presentation is a tutorial intro to DANE (DNS Authentication of Named Entities). It describes the root problem, a possible solution using DANE, and briefly shows how you can starting using DANE and TLSA records yourself.
Presentation given during a tour of Australia, in May 2009. The targeted audience are people who are already familiar with the fundamentals of Semantic Web, and this presentation gives an overview of what is happening at W3C
There are a number of different kinds of tools for collecting information about the thoughts and beliefs that different groups have about your organization.
If your business is heavily dependent on the Internet, you may be facing an unprecedented level of network traffic analytics data. How to make the most of that data is the challenge. This presentation from Kentik VP Product and former EMA analyst Jim Frey explores the evolving need, the architecture and key use cases for BGP and NetFlow analysis based on scale-out cloud computing and Big Data technologies.
Nearly every IT leader these days is wresting with Shadow IT – the dynamic in which end users obtain IT solutions from cloud service providers without informing corporate IT.
Presentation by Kasper Kisjes (Rijkswaterstaat) and Christoph Balduck (Data T...Patrick Van Renterghem
Kasper and Christoph explained how to apply data governance, data discovery and data cataloging for 200+ data sources. Also,m about dealing with a connect vs. collect strategy in a centralized hub of data.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...APNIC
Chimi Dorji, Internet Resource Analyst at APNIC, presented on Registry Data Accuracy Improvements at SANOG 41 jointly held with INNOG 7 in Mumbai, India from 25 to 30 April 2024.
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
Sunny Chendi, Senior Advisor, Membership and Policy at APNIC, presents 'APNIC Policy Roundup' at the 5th ICANN APAC-TWNIC Engagement Forum and 41st TWNIC OPM in Taipei, Taiwan from 23 to 24 April.
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
Dave Phelan, Senior Network Analyst/Technical Trainer at APNIC, presents 'DDoS In Oceania and the Pacific' at NZNOG 2024 held in Nelson, New Zealand from 8 to 12 April 2024.
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
Geoff Huston, Chief Scientist at APNIC deliver keynote presentation on the 'Future Evolution of the Internet' at the Everything Open 2024 conference in Gladstone, Australia from 16 to 18 April 2024.
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
Paul Wilson, Director General of APNIC delivers a presentation on IP addressing and IPv6 to the Policymakers Program during IETF 119 in Brisbane Australia from 16 to 22 March 2024.
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
Tom Harrison, Product and Delivery Manager at APNIC presents at the Registration Protocols Extensions working group during IETF 119 in Brisbane, Australia from 16-22 March 2024
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
Che-Hoo Cheng, Senior Director, Development at APNIC presents on the "Benefits of doing Internet peering and running an Internet Exchange (IX)" at the Communications Regulatory Commission of Mongolia's IPv6, IXP, Datacenter - Policy and Regulation International Trends Forum in Ulaanbaatar, Mongolia on 7 March 2024
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
APNIC Senior Advisor, Membership and Policy, Sunny Chendi presented on APNIC updates and RIR Policies for ccTLDs at APTLD 85 in Goa, India from 19-22 February 2024.
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
1. | 1
Edward Lewis
APRICOT 2019
27 February 2019
Experience using RIR WhoIs
... or Reaching Operators with a Message
2. | 2
The Setting
¤ From 2016-2018, ICANN had an operational message to deliver
¡ But no list of all "who need to know"
¡ Not everyone needed to know, but many did
¤ We tried conferences
¡ We spoke so often we were told "we've heard the message"
¤ We tried letters to IXPs, top-level domain registries, even regulators
¤ But "data" suggested we were missing operators (specifically DNS)
¤ We settled on trying issuing a survey
3. | 3
The Background
¤ The project involved is the "first" DNS root zone KSK rollover
¤ This is not "yet another KSK rollover talk"
¡ Nothing more in these slides is about that topic
¤ This a "lesson learned" about operational coordination, from that project
4. | 4
The Survey
¤ Designed to grab people's attention
¡ Some are carefully crafted to learn something
¡ This an exercise in getting a reaction
¤ Finding the target audience
¡ We have network traffic suggesting DNSSEC activity
¡ We convert the addresses into Autonomous System numbers
¡ Send email to the contacts for the Autonomous System operators
¤ Simple!
5. | 5
The Plan
¤ Beginning with a list of Autonomous System numbers
¡ And with a short deadline
¤ Make use of the Regional Internet Registries databases, via WhoIs, to get
a list of email addresses
¡ Yes, WhoIs,not RDAP
¤ Did we think this would work?
¡ No
¡ But it was our only hope and we had a really good reason
6. | 6
Our Doubts
¤ The threat of "Spamming"
¡ A specific case of data mining
¡ There's a history of people using databases of email addresses to send
unsolicited messages, usually for the purposes of advertising,
marketing, or anti-social behavior
• Rate limits on queries
• Obscured/hidden, missing email information
• Acceptable use claims
¡ The mail system is built to defend against unwarranted email
• Sender reputation scoring
7. | 7
Skipping to the End
¤ We survived
¤ We contacted nearly 16,000 autonomous systems
¤ We weren't accused of violating email rules
¤ We weren't labelled "Spammer!"
¤ And the project appears to have succeeded in getting our message out
¤But it wasn't easy (enough to prevent this talk!)
8. | 8
In This Talk...
¤ This work was done with the WhoIs systems in place
¡ RDAP is the still (in) the future
¤ There's no "how to" in this talk
¡ Avoiding providing a recipe for "spamming"/data mining
¤ With a goal of "how can we provide a means for global operations contacts"
suggestions are made
9. | 9
Disclaimer: not disparaging RIR functions
¤ What's presented here seems at first blush to be suggesting work on
contacting operators could be better
¡ Well, it can, but it isn't clear there are "guilty parties"
¤ Registration information is largely treated as "garbage in, garbage out"
¡ An issue with public safety (or extrajudicial efforts like reputation
managers) when investigating abuse from an address – long known
issue
¡ But now we see this as possibly hindering operations
¤ And note that the KSK rollover may be a unique event
10. | 10
WhoIs yesterday, RDAP tomorrow
¤ Yes, WhoIs (port 43) or its web-version is being replaced by RDAP
¤ At the time of the survey, RDAP didn't seem mature enough to use "in the
heat of the moment"
¤ Treat this more as a problem statement/observation than a request for
action or suggestion for updating
11. | 11
Approach to using the RIR WhoIs
¤ The activity – given a list of AutNums, find email addresses for each
operator to invite to the survey
¤ First step – determine the right RIR or NIR source
¤ Second step – determine query and how to parse results
¤ Third step – select the addresses per AutNum
12. | 12
Which WhoIs Server? – ARIN or LACNIC as starting
¤ To determine region
¡ ARIN made this easiest, based on response
¡ LACNIC was possible, except for rate limiting and the complication of
having an NIR
¡ Other regions either weren't tried or didn't make it easy
¤ Complication – RIR and NIR operators would enter their own addresses in
fields when there was no "correct answer"
¡ "Inside" knowledge to realize this
13. | 13
Special flags
¤ ARIN has its unique set of flags
¤ RIPE and AFRINIC use special flags, burned into some whois clients
¡ Clients on MacOS and Linux differed, one way was the flags
¡ Linux:
$ whois -B -h whois.ripe.net as0
% This is the RIPE Database query service. ...
¡ MacOS:
$ whois -B -h whois.ripe.net as0
whois: illegal option – B ...
¤ WhoIs clients don't help: no "—version" to tell which is installed
14. | 14
National Internet Registries
¤ NIRs are a great idea, but little known outside the RIR community
¤ WhoIs services at NIRs differ
¡ Some run WhoIs for their region's address space
¡ Some run WhoIs for Autonomous System numbers in addition to the RIR
¡ Some run WhoIs for Autonomous System numbers instead of the RIR
¡ Note: "in addition to" versus "instead of"
¤ No clear documentation of this state of affairs
15. | 15
APNIC & its NIRs
¤ APNIC presented three challenges in parsing its responses
¤ One: NIR handling
¡ Seven NIRs but only one exclusively manages AutNum registration
information
¡ Took time to "discover this" and automate a way to parse the results
¤ Two: AutNum block information
¡ Had to learn to discard the APNIC "enclosing AutNum block" information
to get to the AutNum specific information
¤ Three: For NIR managed space, needed unique parsing code
16. | 16
LACNIC & its NIRs
¤ LACNIC presented a first—order challenge
¡ Rate limiting, but this could be relaxed with justification
¤ LACNIC also has multiple (two) NIRs
¡ And like APNIC, only one actively manages its AutNum Registrations
¤ LACNIC's "AutNum-active" NIR
¡ Also has rate limiting, again, relaxed with justification
¡ Has the overwhelming number of AutNum information – 16% of the
global numbers we needed to contact
17. | 17
Parsing Responses
¤ There's a "latent desire" of operators to include more information:
remarks: trouble: | Operational issues: noc@example.com |
remarks: trouble: | Peering issues: peering-office@example.com |
¤ Or hide information
remarks: Contact < op AT example DOT com > re general operations
¤ Or restrict contact
Comment: DO NOT E-MAIL ... AS IT WILL NOT BE READ/ANSWERED.
¤ Or "lay down the rules"
Comment: Please ... Failure to comply with this statement ...
18. | 18
Comments and Remarks
¤ In a world where "one lookup" is done, these make sense
¤ Where automation is involved, these don't
19. | 19
Up-level comments
¤ Whether RDAP has matured enough to help this is something I haven't
studied yet
¡ Matter of time, priorities
¤ A major concern was whether this is acceptable use
¡ But we decided to give it a try anyway
20. | 20
Experience with the "acceptable use"
¤ 16,000 AutNums contacted
¡ Note – number of operators is less, many run multiple AutNums
¡ One invitee noted we had an error in our email message. One!
¡ One invitee suggested that we were dancing around GDPR. One!
¡ One invitee teased us "are you for real".
¤ We did receive more outright notes of appreciation
¤ We did answer dozens of questions in responses to us
¤ Many probably ignored our call to participate in a survey
21. | 21
General Issues with RIR "WhoIs" information
¤ A lot of domain specific knowledge is needed
¡ Knowing who the RIRs are and the NIR structure
¤ Lack of common query – language or service point
¤ Lack of common response format
¤ Lack of specific fields for contact
¡ Use of remarks or comment fields to supply information
¤ Use of "dummy values" to indicate a who is "referral"
¤ Blanket defense against data mining (rate limiting)
22. | 22
Specific Issues with APNIC whois information
¤ Remove the AutNum block contact information in a response to a query
about a specific AutNum
¡ This will uncover some errors – missing information or mislabeled
information
¤ Clearer documentation when information is available only at an NIR's
WhoIs service
¤ Haven't researched the process for formalizing that suggestion
23. | 23
A peak into the future – RDAP formatting
¤ Quick inspections seem that RDAP is deployed as a "drop in" replacement
for WhoIs
¡ JSON seen to have this in sampled output
"remarks" : [ {
"title" : "... Comments",
"description" : [ "Please ...." ]
¤ Would be good to revisit the policies behind WhoIs in light of what RDAP
can do
¡ Tiered-access, richer data structures, and so on
24. | 24
A peak into the future – RDAP locations
¤ "urls" need to strive for consistency:
¡ https://rdap.arin.net/registry/autnum/0
¡ https://rdap.db.ripe.net/autnum/0
¡ https://rdap.afrinic.net/rdap/autnum/0
¡ http://rdap.apnic.net/autnum/0
• Typing "https://rdap.apnic.net/autnum/0" – note the
"s" in https - makes my browser go to Afrinic
¡ https://rdap-web.lacnic.net/autnum/0
¤ Without commonality, we need tools, with tools we need to have output
suitable for automation
25. | 25
Engage with ICANN
Visit us at icann.org
Thank You and Questions
Email: edward.lewis@icann.org
flickr.com/icann
linkedin/company/icann@icann
facebook.com/icannorg
youtube.com/icannnews soundcloud/icann
slideshare/icannpresentations
instagram.com/icannorg