Analysis of RD=0 and RD=1 queries seen at Root; JPAPNIC
Analysis of RD=0 and RD=1 queries seen at Root; JP, by Kazunori Fujiwara.
A presentation given at APNIC 42's DNS and INR Security session on Monday, 3 October 2016.
Die monatlichen Anlässe in Zusammenarbeit mit dem Swiss IPv6 Council behandeln verschiedene technische Themenbereiche von IPv6.
Das Referat von Jen Linkova vom 30. November 2015 widmete sich dem Neighbor Discovery Protokoll, einem Schlüsselmechanismus um Verbindungen zwischen IPv6 Knotenpunkten und LANs aufzubauen. Die Referentin fokussierte sich in der Präsentation auf die technischen Details des Designs, der Implementierung sowie Sicherheitsaspekten.
Gerne stellen wir Ihnen die Präsentation zum Anschauen und Herunterladen zur Verfügung. Haben Sie Feedback zum Event? Wir sind gespannt auf Ihre Meinung.
APNIC Chief Scientist Geoff Huston presents on work Labs is doing to whetehr results from experiments performed at lower levels of the DNS hierarchy would also apply to the root zone.
DNSSEC: What a Registrar Needs to Know (Part 2)laurenrprice
This presentation covers a "crib sheet" authored by Shinkuro, Inc. that walks a registrar through the operational considerations when implementing DNSSEC. We also had the pleasure of hearing from Dyn, Inc. an ICANN accredited registrar who shared lessons learned from their work and testing in DNSSEC.
Build Dynamic DNS server from scratch in C (Part1)Yen-Kuan Wu
This is my final project. The purpose is that I don't get any course about Network, so I try to implement DNS server and learn from practicing.
In this slide, it would cover brief introduction of ddns server, prerequisite for building protocol, aims of my project and all of pitfalls I have met.
Demo resolver.
I would finish this project and provide the part2 of slide.
Analysis of RD=0 and RD=1 queries seen at Root; JPAPNIC
Analysis of RD=0 and RD=1 queries seen at Root; JP, by Kazunori Fujiwara.
A presentation given at APNIC 42's DNS and INR Security session on Monday, 3 October 2016.
Die monatlichen Anlässe in Zusammenarbeit mit dem Swiss IPv6 Council behandeln verschiedene technische Themenbereiche von IPv6.
Das Referat von Jen Linkova vom 30. November 2015 widmete sich dem Neighbor Discovery Protokoll, einem Schlüsselmechanismus um Verbindungen zwischen IPv6 Knotenpunkten und LANs aufzubauen. Die Referentin fokussierte sich in der Präsentation auf die technischen Details des Designs, der Implementierung sowie Sicherheitsaspekten.
Gerne stellen wir Ihnen die Präsentation zum Anschauen und Herunterladen zur Verfügung. Haben Sie Feedback zum Event? Wir sind gespannt auf Ihre Meinung.
APNIC Chief Scientist Geoff Huston presents on work Labs is doing to whetehr results from experiments performed at lower levels of the DNS hierarchy would also apply to the root zone.
DNSSEC: What a Registrar Needs to Know (Part 2)laurenrprice
This presentation covers a "crib sheet" authored by Shinkuro, Inc. that walks a registrar through the operational considerations when implementing DNSSEC. We also had the pleasure of hearing from Dyn, Inc. an ICANN accredited registrar who shared lessons learned from their work and testing in DNSSEC.
Build Dynamic DNS server from scratch in C (Part1)Yen-Kuan Wu
This is my final project. The purpose is that I don't get any course about Network, so I try to implement DNS server and learn from practicing.
In this slide, it would cover brief introduction of ddns server, prerequisite for building protocol, aims of my project and all of pitfalls I have met.
Demo resolver.
I would finish this project and provide the part2 of slide.
FARIS: Fast and Memory-efficient URL Filter by Domain Specific MachineYuuki Takano
http://ytakano.github.io/
http://ieeexplore.ieee.org/document/7740332/
Uniform resource locator (URL) filtering is a fundamental technology for intrusion detection, HTTP proxies, content distribution networks, content-centric networks, and many other application areas. Some applications adopt URL filtering to protect user privacy from malicious or insecure websites. Some web browser extensions, such as AdBlock Plus, provide a URL-filtering mechanism for sites that intend to steal sensitive information.
Unfortunately, these extensions are implemented inefficiently, resulting in a slow application that consumes much memory. Although it provides a domain-specific language (DSL) to represent URLs, it internally uses regular expressions and does not take advantage of the benefits of the DSL. In addition, the number of filter rules become large, which makes matters worse.
In this paper, we propose the fast uniform resource identifier- specific filter, which is a domain-specific pseudo-machine for the DSL, to dramatically improve the performance of some browser extensions. Compared with a conventional implementation that internally adopts regular expressions, our proof-of-concept implementation is fast and small memory footprint.
This is a tutorial for implementing application level traffic analyzer by using SF-TAP flow abstractor.
http://sf-tap.github.io/
https://github.com/SF-TAP/
https://github.com/SF-TAP/flow-abstractor
https://www.usenix.org/conference/lisa15/conference-program/presentation/takano
http://ytakano.github.io/
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
Gen Z and the marketplaces - let's translate their needsLaura Szabó
The product workshop focused on exploring the requirements of Generation Z in relation to marketplace dynamics. We delved into their specific needs, examined the specifics in their shopping preferences, and analyzed their preferred methods for accessing information and making purchases within a marketplace. Through the study of real-life cases , we tried to gain valuable insights into enhancing the marketplace experience for Generation Z.
The workshop was held on the DMA Conference in Vienna June 2024.
2.Cellular Networks_The final stage of connectivity is achieved by segmenting...JeyaPerumal1
A cellular network, frequently referred to as a mobile network, is a type of communication system that enables wireless communication between mobile devices. The final stage of connectivity is achieved by segmenting the comprehensive service area into several compact zones, each called a cell.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Understanding User Behavior with Google Analytics.pdfSEO Article Boost
Unlocking the full potential of Google Analytics is crucial for understanding and optimizing your website’s performance. This guide dives deep into the essential aspects of Google Analytics, from analyzing traffic sources to understanding user demographics and tracking user engagement.
Traffic Sources Analysis:
Discover where your website traffic originates. By examining the Acquisition section, you can identify whether visitors come from organic search, paid campaigns, direct visits, social media, or referral links. This knowledge helps in refining marketing strategies and optimizing resource allocation.
User Demographics Insights:
Gain a comprehensive view of your audience by exploring demographic data in the Audience section. Understand age, gender, and interests to tailor your marketing strategies effectively. Leverage this information to create personalized content and improve user engagement and conversion rates.
Tracking User Engagement:
Learn how to measure user interaction with your site through key metrics like bounce rate, average session duration, and pages per session. Enhance user experience by analyzing engagement metrics and implementing strategies to keep visitors engaged.
Conversion Rate Optimization:
Understand the importance of conversion rates and how to track them using Google Analytics. Set up Goals, analyze conversion funnels, segment your audience, and employ A/B testing to optimize your website for higher conversions. Utilize ecommerce tracking and multi-channel funnels for a detailed view of your sales performance and marketing channel contributions.
Custom Reports and Dashboards:
Create custom reports and dashboards to visualize and interpret data relevant to your business goals. Use advanced filters, segments, and visualization options to gain deeper insights. Incorporate custom dimensions and metrics for tailored data analysis. Integrate external data sources to enrich your analytics and make well-informed decisions.
This guide is designed to help you harness the power of Google Analytics for making data-driven decisions that enhance website performance and achieve your digital marketing objectives. Whether you are looking to improve SEO, refine your social media strategy, or boost conversion rates, understanding and utilizing Google Analytics is essential for your success.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Measurement Study of Open Resolvers and DNS Server Version
1. Measurement Study of Open
Resolvers and DNS Server Version
Internet Conference 2013
Yuuki Takano, Ruo Ando, Takeshi Takahasi, (NICT)
Satoshi Uda, Tomoya Inoue (JAIST)
1
2. Summary
n Probed whole IPv4 address space to collect open
resolvers
n Collected about 30 millions of DNS server
addresses
n Found about 25 millions of open resolver
n Analyzed by reversely looking up, geographically
mapping
2
3. Related Work
DNS Amplification Attack
n DNS Servers are abused to launch DDoS attack
n abused as reflectors and amplifiers
n query and response message sizes are quite different
3
DNS Servers, aka. Open Resolvers
VictimAttacker
ANY Queries
Spoofed Src
4. Measurement Strategy
n At first, send DNS A query without RD flag to collect
DNS servers on the Internet
n if a DNS server returned response with RA flag, it is
open resolver
n otherwise, it isn’t open resolver
n After probing DNS servers by A query, then send query
of VERSION.BIND
n Furthermore, look reversely up DNS servers’ IP address
4
5. Measurement Architecture
5
In this section, we present our methodology to mea-
sure DNS servers on the Internet. Figure 1 shows the
architecture of the DNS server measurement system
we designed and implemented. It consists of 4 com-
ponents as follows.
The Internet
DB
DNS Prober
Reverse
Lookupper
A Query and
VERSION.BIND
Response
Statistical
Analyzer
Reverse Lookup
Result
Figure1 DNS Measurement System Architecture
rec
ple
Mo
St
A
the
lyz
by
Jav
we
W
ou
me
DN
6. Measurement Target
and Source
n Target: whole IPv4 address space
n Source: JAIST’s server
n Date: July, 2013
n Measurement Time
n A query and VERSION.BIND query: about 1 day
n reverse lookup: about 5 days
n statistical analysis: few hours
n PC Spec
n KVM Virtual Machine, 2 CPU, 4GB Memory
n Hyper Visor, Intel Xeon 2GHz x 32,
6
10. Spammer Favored Domains
10
n Spamology: A Study of Spam Origins, Craig et.al.,
CEAS 2009
n TOP 2 origins of spam mail
n hinet.net
n 163data.com.cn
14. ANY Query and Detail
14
tribution of Nominum Vantio (All)
Table3 Details of DNS Answer Section of Re
sponse for ANY Query
isc.org ripe.net
RRSIG 1965 1304
DNSKEY 427 848
NSEC 53 38
SPF 112 -
TXT 181 -
NS 97 136
NAPTR 46 -
A 16 16
AAAA 28 28
MX 24 50
SOA 54 52
Total 3005 2472
(bytes)
n ANY query is used to launch DNS
amplification attack
n Amplification ratio
n isc.org: request 64 bytes,
response 3,245 bytes, ratio
50.7
n ripe.net: request 65 bytes,
response 2,669 bytes, ratio
41.0
n Records of DNSSEC account for
majority of response
15. DNSSEC Considered Harmful?
n DNSSEC protect users from DNS injection attack
n Great firewall in China, “The Collateral
Damage of Internet Censorship by DNS
Injection”, anonymous authors, SIGCOMM
2012
n However, DNSSEC bursts ratio of DNS
amplification attack
n Is this trade off? Exclusive?
15
16. Conclusion
n Collected 30 millions DNS servers and 25 millions
of open resolvers
n Revealed there are many open resolvers on
spammer favored domains
n Revealed China, USA and Mexico are TOP 3
holders of open resolvers
n DNSSEC significantly increases amplification ratio
of DNS amplification attack
16