CSIRT


We are the Computer Security and Incident Response Team (CSIRT) for the Janet network. Part of Jisc's Security Operations Centre, our mission is to safeguard the current and future network security of Janet (steering the security policies for all Janet connections) and of our customers, creating a secure environment to conduct your online activities. Our primary function is to monitor and resolve any security incidents that occur on the Janet network, with specialists tracking a range of platforms, including Unix, Linux and Windows.

Blog Article

These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.

For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.

Further information on our classification scheme is available.

Blog Article

The environment that Janet CSIRT works in is changing. Almost a decade ago, most of the incidents we dealt with would start with a complaint emailed to us by a human; this would result in a team member having five or ten open incidents, maybe even twenty on a busy day. Nowadays the majority of information we receive is sent to us from automated systems run by third parties; this means that much of our current work is relaying this information and chasing acknowledgements to and from customers.

Blog Article

Your DNS system can be an invaluable part of your information security toolkit. By blocking, altering and monitoring the resolution of domain names you can protect systems and defend information from attacks. In particular, the ability to prevent the resolution of malicious domains, and to detect infected and compromised systems reaching out to them, is invaluable.

Blog Article

Time to move from the mechanics and policy of DNS replication to a new topic. Within the global DNS there are two roles that a server can play: ones that hold data - nameservers, and ones that fetch that data for clients - resolvers. Nameservers need to provide their data to the entire Internet whereas resolvers serve a small set of client systems.

Blog Article

So you've designed your redundant architecture and ensured that your data is being replicated across it? All set? Not quite. Within your DNS configuration there are two timers that we frequently see misconfigured - TTL values and the SOA expire value.

Frequently we see these left at a default of one day (86400 seconds). Whilst these may suit many organisations it's worth taking a closer look to make sure that they match your expectation for your DNS services.

Blog Article

Having designed a redundant DNS infrastructure, one of the most common mistakes is failing to ensure that secondary nameservers can successfully replicate data for the domains they are hosting. The most common way this is done on the Internet is through zone transfers - the AXFR command. This command causes a DNS server to reply with all the data it knows for a domain.