Download as PDF
Blog Article
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.
For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Blog Article
The environment that Janet CSIRT works in is changing. Almost a decade ago, most of the incidents we dealt with would start with a complaint emailed to us by a human; this would result in a team member having five or ten open incidents, maybe even twenty on a busy day. Nowadays the majority of information we receive is sent to us from automated systems run by third parties; this means that much of our current work is relaying this information and chasing acknowledgements to and from customers.
Blog Article
Janet CSIRT are a member of a global non-profit organisation called the Forum of Incident Response and Security Teams, or FIRST. There are a number of FIRST member events throughout the year including an annual conference.
Blog Article
Time to move from the mechanics and policy of DNS replication to a new topic. Within the global DNS there are two roles that a server can play: ones that hold data - nameservers, and ones that fetch that data for clients - resolvers. Nameservers need to provide their data to the entire Internet whereas resolvers serve a small set of client systems.
Blog Article
Having designed a redundant DNS infrastructure, one of the most common mistakes is failing to ensure that secondary nameservers can successfully replicate data for the domains it is hosting. The most common way this is done on the Internet is though zone transfers - the AXFR command. This command causes a DNS server to reply with all the data it knows for a domain.
Blog Article
When providing DNS nameserver services a degree of redundancy is needed. In most cases the DNS records for a particular domain will be hosted by at least two nameservers, but is that enough by itself?
When building a resilient system the risks involved with the failure modes of the system need to be considered and weighed up against the associated costs and overheads. As a common example - does having both DNS servers on the same local network segment provide you with protection against network failure? Probably not.
Blog Article
Andrew's recent post on the legal issues of cleaning up after botnet infections has prompted me to write something about how the way that Janet CSIRT operates helps with these issues in our community.
Blog Article
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.
For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Blog Article
The period of protection offered by the joint action between the NCA and FBI ends at 00:00BST on Tuesday 17 June. We recommend that you take full advantage of the remaining time and clean up any infected hosts.
Blog Article
As you may now be aware, the FBI and NCA are coordinating 'global day of action' against the Zeus-P2p and Cryptolocker families of malware. Law enforcement and industry partners will be collaborating to interrupt infrastructure vital to the malware's operation and to raise public awareness of these threats.
Prev | Next