Pollution in 1.0.0.0/8
Or why having 1.2.3.4 might not be that cool after all....
A presentation given by Mark Dranse and Franz Schwarzinger duriung the APRICOT 2010 meeting.
IPv6 - The Time Is Now: Latif Ladid, President, IPv6 forumIPv6no
IPv6 - The Time Is Now. Resistance is Futile & IPv6 Ready program: Latif Ladid, President, IPv6 forum
IKT-Norge IPv6 forum IPV6 konferanse 23 & 24 mai 2011
33rd TWNIC IP OPM: RIRs in the future (and past) of Internet governanceAPNIC
APNIC Director General Paul Wilson gives an overview of the future of IP address registries and Internet governance at the 33rd TWNIC IP OPM in Taipei, Taiwan on 5 December 2019.
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)Fatih Ozavci
Enterprise companies are increasingly using Microsoft Lync 2010/2013 (a.k.a Skype for Business 2015) services as call centre, internal communication, cloud communication and video conference platform. These services are based on the VoIP and instant messaging protocols, and support multiple client types such as Microsoft Office 365, Microsoft Lync, Skype for Business, IP phones and teleconference devices. Also the official clients are available for mobile devices (e.g. Windows phone, Android and iOS), desktops (Mac, Linux and Windows) and web applications developed with .NET framework. Although the Microsoft Lync platform has been developed along with the new technologies, it still suffers from old VoIP, teleconference and platform issues.
Modern VoIP attacks can be used to attack Microsoft Lync environments to obtain unauthorised access to the infrastructure. Open MS Lync frontend and edge servers, insecure federation security design, lack of encryption, insufficient defence for VoIP attacks and insecure compatibility options may allow attackers to hijack enterprise communications. The enterprise users and employees are also the next generation targets for these attackers. They can attack client soft phones and handsets using the broken communication, invalid protocol options and malicious messaging content to compromise sensitive business assets. These attacks may lead to privacy violations, legal issues, call/toll fraud and intelligence collection.
Attack vectors and practical threats against the Microsoft Lync ecosystem will be presented with newly published vulnerabilities and Microsoft Lync testing modules of the Viproy VoIP kit developed by the speaker. This will be accompanied by live demonstrations against a test environment.
• A brief introduction to Microsoft Lync ecosystem
• Security requirements, design vulnerabilities and priorities
• Modern threats against commercial Microsoft Lync services
• Demonstration of new attack vectors against target test platform
IPv6 - The Time Is Now: Latif Ladid, President, IPv6 forumIPv6no
IPv6 - The Time Is Now. Resistance is Futile & IPv6 Ready program: Latif Ladid, President, IPv6 forum
IKT-Norge IPv6 forum IPV6 konferanse 23 & 24 mai 2011
33rd TWNIC IP OPM: RIRs in the future (and past) of Internet governanceAPNIC
APNIC Director General Paul Wilson gives an overview of the future of IP address registries and Internet governance at the 33rd TWNIC IP OPM in Taipei, Taiwan on 5 December 2019.
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)Fatih Ozavci
Enterprise companies are increasingly using Microsoft Lync 2010/2013 (a.k.a Skype for Business 2015) services as call centre, internal communication, cloud communication and video conference platform. These services are based on the VoIP and instant messaging protocols, and support multiple client types such as Microsoft Office 365, Microsoft Lync, Skype for Business, IP phones and teleconference devices. Also the official clients are available for mobile devices (e.g. Windows phone, Android and iOS), desktops (Mac, Linux and Windows) and web applications developed with .NET framework. Although the Microsoft Lync platform has been developed along with the new technologies, it still suffers from old VoIP, teleconference and platform issues.
Modern VoIP attacks can be used to attack Microsoft Lync environments to obtain unauthorised access to the infrastructure. Open MS Lync frontend and edge servers, insecure federation security design, lack of encryption, insufficient defence for VoIP attacks and insecure compatibility options may allow attackers to hijack enterprise communications. The enterprise users and employees are also the next generation targets for these attackers. They can attack client soft phones and handsets using the broken communication, invalid protocol options and malicious messaging content to compromise sensitive business assets. These attacks may lead to privacy violations, legal issues, call/toll fraud and intelligence collection.
Attack vectors and practical threats against the Microsoft Lync ecosystem will be presented with newly published vulnerabilities and Microsoft Lync testing modules of the Viproy VoIP kit developed by the speaker. This will be accompanied by live demonstrations against a test environment.
• A brief introduction to Microsoft Lync ecosystem
• Security requirements, design vulnerabilities and priorities
• Modern threats against commercial Microsoft Lync services
• Demonstration of new attack vectors against target test platform
RIPE Labs — illuminating new ideas and tools from the community for the community, by Alix Guillard and Mirjam Kuehne, presented at FRNOG 16 on 25 June 2010
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
20240605 QFM017 Machine Intelligence Reading List May 2024
Pollution in 1.0.0.0/8
1. RIPE Network Coordination Centre
Pollution in 1.0.0.0/8
Or why having 1.2.3.4 might not be that cool after all....
Mark Dranse <markd@ripe.net>
and
Franz Schwarzinger <franz@ripe.net>
RIPE NCC
Mark Dranse APRICOT 2010 http://www.ripe.net 1
2. RIPE Network Coordination Centre
Background
• Many networks filter unallocated address space (bogons)
- Some time passes
• Unallocated addresses become allocated
- Filters are not always well maintained
- Freshly allocated space is not fully reachable
• ISPs and users complain
- RIRs get some of the blame
Mark Dranse APRICOT 2010 http://www.ripe.net 2
3. RIPE Network Coordination Centre
Debogon Project
• Mitigate issues surrounding new address space
- Increase communications
- Provide tools to measure and monitor reachability
• Using existing RIS infrastructure since 2005
- Announce a few prefixes from new /8s
- Provide target IPs for ping/traceroute
- Measure reachability and produce graphs
http://www.ris.ripe.net/debogon/
Mark Dranse APRICOT 2010 http://www.ripe.net 3
4. RIPE Network Coordination Centre
Debogon Reports
• Combined yearly report for all /8s
Mark Dranse APRICOT 2010 http://www.ripe.net 4
5. RIPE Network Coordination Centre
Debogon Tools
http://www.ris.ripe.net/cgi-bin/debogon.cgi
Mark Dranse APRICOT 2010 http://www.ripe.net 5
6. RIPE Network Coordination Centre
The 1.0.0.0/8 story
• “Reserved” since 1981
• Changed to “unallocated” by IANA in 2008
• Allocated to APNIC in January 2010 ‘randomly’
- Added to the debogon report as usual
• 1.255.0.0/16
• 1.50.0.0/22
- As a special experiment, we also announced:
• 1.1.1.0/24
• 1.2.3.0/24
Mark Dranse APRICOT 2010 http://www.ripe.net 6
7. RIPE Network Coordination Centre
Measurement Setup
• RIS Remote Route Collector (rrc03.ripe.net)
- Connected to 3 Dutch IXPs
• AMS-IX
• NL-IX
• GN-IX
- AMS-IX port is 10 100 MBit/s
- Outbound traffic via RIPE NCC network
- About 100 active peers
Mark Dranse APRICOT 2010 http://www.ripe.net 7
8. RIPE Network Coordination Centre
27th January 2010
• Announcements began just before midday
- Instantly maxed out our AMS-IX port
Mark Dranse APRICOT 2010 http://www.ripe.net 8
10. RIPE Network Coordination Centre
RIS View
• 14 distinct ASes
• 26 prefixes
- /30 to /13
Mark Dranse APRICOT 2010 http://www.ripe.net 10
11. RIPE Network Coordination Centre
Some analysis
• 900k packet sample taken on 28th January
• Looked at:
- Sources
- Destinations
- Protocols
Mark Dranse APRICOT 2010 http://www.ripe.net 11
12. RIPE Network Coordination Centre
Packet destinations
• Two busiest destinations:
- 90% of packets to 1.1.1.1
- 3.3% of packets to 1.2.3.4
Mark Dranse APRICOT 2010 http://www.ripe.net 12
13. RIPE Network Coordination Centre
Packet Sources
• 96,160 unique IP addresses
• 95% sent ≤ 10 packets
• 33% sent 1 packet
• 30% of packets from 23 IP addresses
• 4.4% from 1 IP address
• 90% from 43 /8s
• 15% claims to originate from 10/8
Mark Dranse APRICOT 2010 http://www.ripe.net 13
14. RIPE Network Coordination Centre
Packet Sources
%
Year in which parent /8 was allocated
Mark Dranse APRICOT 2010 http://www.ripe.net 14
15. RIPE Network Coordination Centre
Packet Sources
%
Responsible RIR for parent /8
Mark Dranse APRICOT 2010 http://www.ripe.net 15
16. RIPE Network Coordination Centre
What was the traffic?
Mark Dranse APRICOT 2010 http://www.ripe.net 16
17. RIPE Network Coordination Centre
What was the traffic?
• 80% UDP traffic • 20 %TCP traffic
- 60% SIP INVITE (VoIP) scans * - 50% HTTP
- 30% Media Gateway Protocol - 5.4% SMTP
* Thanks to Sandro Gauci and others for pointing this out!
Mark Dranse APRICOT 2010 http://www.ripe.net 17
18. RIPE Network Coordination Centre
Feedback
• Give it to me!
• Don’t give it to me!
• Don’t give it to anyone!
• How representative is this?
- Is it just ‘normal’ background noise?
- Isolated data point?
Mark Dranse APRICOT 2010 http://www.ripe.net 18
19. RIPE Network Coordination Centre
Further Research
• Comparison with other prefixes
• Announce for longer
- From a “real” network with high capacity
• Collect more data
- Don’t just analyse small samples
Mark Dranse APRICOT 2010 http://www.ripe.net 19