infosec

15 July 2014 at 3:49pm

Survey on automated reporting from Janet CSIRT

James Davis
CSIRT
consultation
survey
infosec
Cybersecurity
The environment that Janet CSIRT works in is changing. Almost a decade ago, most of the incidents we dealt with would start with a complaint emailed to us by a human; this would result in a team member having five or ten open incidents, maybe even twenty on a busy day. Nowadays the majority of information we receive is sent to us from automated systems run by third parties; this means that much of our current work is relaying this information and chasing acknowledgements to and from customers.
Read more
15 July 2014 at 10:52am

ISO 27001 Lead Implementer course, August 11th-13th, London

James Davis
iso27001
infosec
training
In response to feedback earlier in the year we've been able to arrange for an externally certified Lead Implementer course in London on the 11th-13th of August, which we can provide to you at a reduced cost of £870.00 plus VAT. Details, and the booking form are available at: https://www.ja.net/events/it-governance-iso27001-certified-isms-lead-implementer-course
Read more
9 July 2014 at 12:30pm

FIRST Conference 22/06/2014 - 27/06/2014

Mark Siddle
#firstcon14
infosec
incident response
CSIRT
Janet CSIRT are a member of a global non-profit organisation called the Forum of Incident Response and Security Teams, or FIRST. There are a number of FIRST member events throughout the year including an annual conference.
Read more
14 October 2014 at 1:33pm

Incident statistics for June 2014

James Davis
infosec
CSIRT
statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
26 June 2014 at 10:10am

Simple ways to improve your DNS resilience and security: #4 Open DNS Resolvers

James Davis
DNS
resolvers
DDOS
nameservers
udp
reflection
amplification
infosec
security
Time to move from the mechanics and policy of DNS replication to a new topic. Within the global DNS there are two roles that a server can play: ones that hold data - nameservers, and ones that fetch that data for clients - resolvers. Nameservers need to provide their data to the entire Internet whereas resolvers serve a small set of client systems.
Read more
24 June 2014 at 1:53pm

Simple ways to improve your DNS resilience and security: #2 Zone Transfers

James Davis
DNS
Resilience
axfr
security
infosec
zone-transfer
Having designed a redundant DNS infrastructure, one of the most common mistakes is failing to ensure that secondary nameservers can successfully replicate data for the domains it is hosting. The most common way this is done on the Internet is though zone transfers - the AXFR command. This command causes a DNS server to reply with all the data it knows for a domain.
Read more
24 June 2014 at 1:52pm

Simple ways to improve your DNS resilience and security: #1 Redundancy

James Davis
DNS
primary nameserver
secondary nameserver
security
infosec
risk management
resiliency
When providing DNS nameserver services a degree of redundancy is needed. In most cases the DNS records for a particular domain will be hosted by at least two nameservers, but is that enough by itself? When building a resilient system the risks involved with the failure modes of the system need to be considered and weighed up against the associated costs and overheads. As a common example - does having both DNS servers on the same local network segment provide you with protection against network failure? Probably not.
Read more
Subscribe to infosec