OpenDNS is looking for a few good malware people!

Published: 2012-07-21
Last Updated: 2012-07-21 04:39:18 UTC
by Rick Wanner (Version: 1)
2 comment(s)

Most readers of this space will be familiar with OpenDNS for its DNS based approach to Internet filtering.  One of the components of that is a crowd sourced classification of URLs into categories, something that OpenDNS refers to as domain tagging.  OpenDNS is looking to take domain tagging one step further.  OpenDNS CTO, Dan Hubbard, has put out a request  for knowledgeable security people to domain tag the malware category.

If you have a few cycles and you think this might be a fun way to contribute to Internet safety, then please check it out.

-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Keywords: malware OpenDNS
2 comment(s)

TippingPoint DNS Version Request increase

Published: 2012-07-21
Last Updated: 2012-07-21 04:17:56 UTC
by Rick Wanner (Version: 1)
3 comment(s)
We have received a number of reports from TippingPoint customers that the normally quiet filter #560: DNS version request has been triggering in larger than normal numbers.  The indications are that a large number of source IPs are involved, but the volume is not high enough to be of a concern for potential DOS.  We have not yet been able to view any packets from this traffic.
 
If anybody has any more information, or packets we can review, we would love to hear from you.
 
The summary of filter #560 is:
"This filter detects a request to obtain the version number of the DNS Bind Server. The attacker uses the version information to determine whether the DNS Server is vulnerable to certain buffer overflow or Denial of Service attacks."

-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Keywords: DNS IDS TippingPoint
3 comment(s)

Comments

cwqwqwq
eweew<a href="https://www.seocheckin.com/edu-sites-list/">mashood</a>
WQwqwqwq[url=https://www.seocheckin.com/edu-sites-list/]mashood[/url]
dwqqqwqwq mashood
[https://isc.sans.edu/diary.html](https://isc.sans.edu/diary.html)
[https://isc.sans.edu/diary.html | https://isc.sans.edu/diary.html]
What's this all about ..?
password reveal .
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure:

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.

<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
https://thehomestore.com.pk/

Diary Archives