Conficker Mitigation in .at

Slides:

Advertisements

Similar presentations

Trademark Considerations for Start-Ups The Benefits of a Strategic Approach.

Advertisements

IDN TLD Variants Implementation Guideline draft-yao-dnsop-idntld-implementation-01.txt Yao Jiankang.

12-13 May 2014 Amsterdam, The Netherlands

Developing Credit Insurance in Africa and the Mediterranean

Some Comments on ccTLD Manager Local & Global Responsibilities Frank March Chair,.nz Oversight Committee (NZOC) (also IT & Telecoms Policy Group)

IPv6 Glue Why registrars need to support it Elise Gerich VP, IANA.

Governmental Advisory Committee New gTLD Program Briefing 19 June 2010.

Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.

Unit 11 Communication & Collaboration.  Identify different communication methods  Identify advantages of electronic communication  Identify common.

Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.

Advanced Civil Litigation Class 6Slide 1 Steps in Filing a Complaint First, the necessary complaint must be prepared. Make sure you attach the: First,

UK ENUM Jay Daley, Nominet UK. ENUM explained Nominet and ENUM.

What is it and why should I care?

Registrars and Security Greg Rattray Chief Internet Security Advisor.

Cornell Institute for Digital Collections Intellectual Property: Introduction to Copyright Peter B. Hirtle Director Cornell Institute for Digital Collections.

Working Party on Land Administration Athens Workshop May Theme 2 Legal Issues ‘Building a Land Registration System to support the Social and.

Comment on GAC Proposal for Protection of Geographic Names in New gTLDs Presentation by IBCA Internet Business Council for Africa (IBCA)

8 Safety Rules to keep YOU safe! Get clear answers and instructions. If you don’t understand how to do the work, it’s okay to ask questions. With clear.

COPYRIGHT, LEGAL ISSUES & TAKEDOWN. 2 Work priorities Orphan Works ALRC review Copyright and the Digital Economy Creative Commons licenses Legal.

Financial Institutions, Checking Accounts, and Credit Lesson 3.

Network Abuse Handling in CNNIC and JPNIC Terence Zhang, CNNIC Izumi Okutani, JPNIC.

DNS Registries. Overview What is a DNS registry? –DNS registries –Data In –Data Out –Transactions Registry Structure –Registry –Registrars –Registrants.

The Case Against Cybersquatting A Discussion of Domain Name Trademark Protection By Matt Poole.

Have Fun, Be Safe Strategies for Internet and Social Media Safety.

Experiments and Observational Studies. Observational Studies In an observational study, researchers don’t assign choices; they simply observe them. look.

Sarah K. Wiant College Communicators Association Washington and Lee University October 11 th, 2013.

Update from ICANN staff on SSR Activities Greg Rattray Tuesday 21 st 2010.

CcTLD Workshop Amsterdam Junio 2004 UY (Uruguay) Universidad de la República - Red Académica Uruguaya.

Chapter 12 Sample Surveys *Sample *Bias *Randomizing *Sample Size.

2006 SISO Executive Conference Legal Issues in Using Mailing Lists: The CAN-SPAM ACT The Junk Fax Prevention Act The National Do Not Call Registry.

Prepared by Douglas Peterson, University of Alberta 15-1 Part 3 – The Law of Contract Chapter 15 Electronic Business Law and Data Protection.

ISP Policy Position: For A university should monitor university networks and connected computers for improper activities such as copyright infringement.

Challenges Opportunities en threats for cybercrime fighters John van Krieken LLM MMO Datum 9 oktober 2009.

ENUM Validation Architecture & Token Format draft-mayrhofer-enum-validation-00.txt Axel Mayrhofer, Otmar Lendl enum.at GmbH Michael Haberler Internet Foundation.

Today’s presentation Objectives of the LAC Good relations – does co-existence really exist? Land Access Rules – some extra protections Summary Recommendations.

Intellectual Property: Introduction to Copyright Peter B. Hirtle Intellectual Property Officer Cornell University Library

Copyright Law & Guidelines for Teachers and Students EDUC 5306 Kimberly Murry.

COPYRIGHT LAW 2001 Columbus School of Law The Catholic University of America Prof. Fischer Class 19 (MARCH 26, 2002)

CHRIS BIRCH EDTC_6340_01 SPRING 2014 DR. BUTLER Basics.

The Singapore Treaty on the Law of Trademarks Kiev March Noëlle Moutout Assistant Legal Officer.

CODES OF CONDUCT IN GAMES DEVELOPMENT. By Nikku (Nick)

Fast Flux Hosting and DNS ICANN SSAC What is Fast Flux Hosting? An evasion technique Goal of all fast flux variants –Avoid detection and take down of.

Chapter 11 Understanding Randomness. Practical Randomness Suppose a cereal company puts pictures of athletes on cards in boxes of cereal in hopes to boost.

10 Big Myths about Copyright Explained Article by: Brad Templeton Presentation by: Oluwatoyin Adebona English 393 Section 501.

Bruce Campbell. ISOC Workshopl, 21 June 2004, Amsterdam. RIPE NCC DNS Architecture (for ccTLD secondarying) Nameserver Planning for.

Trademark Considerations for Start-Ups

Unit 3 Section 6.4: Internet Security

Doctypes and domain names

Technology and procedures for correction of errors and discrepancies of data Workshop on Experiences with Data Management to Improve Land Administration.

.CR DOMAIN ELIMINATION EXPERIENCE

Secure Software and the Law

Notes # 11 Progressive Era The Presidents

What is a Trademark & Benefits of Trademark Registering

[ 3.4 ] The National Government and the States

Unit 11 Communication & Collaboration

Company Registration: Procedure that one needs to follow Company Registration: Procedure that one needs to follow

Companies Act 1990 Next slide.

.eu Top Level Domain Technical Briefing 1 Dec. 2005

Christopher Wilkinson Head, GAC Secretariat

IGraphic Social impacts of IT

The title: The implementation of Data Protection

DNS operator transfers with DNSSEC

Unit4 The Political System in the United States

DoH! Peter Van Roste GAC/ccNSO meeting - ICANN 64

Copyright Law Presentation

COPYRIGHT By Tracee T. Wells.

Planning and Zoning Essentials

Doing Derivation.

Step By Step Guide to Reinstate Amazon Seller Account By EsellersCare.

Presentation transcript:

Conficker Mitigation in .at OARC Amsterdam 2009 Workshop Otmar Lendl <lendl@cert.at>

I have two hats

The CERT.at Point of View As a national CERT we want to: Protect our constituency Protect others from being attacked from Austria Reduce the amount of „badness“ in the Internet Thus: Let‘s block those domains. Use sinkhole data for warnings

The nic.at Point of View (1) We are a registry. We‘re in a quasi-monopoly position. We’re doing it for the country The “land register” for the Austrian Internet That the ccTLD is run by a private company is not a given. The only thing domain-holders get from us are NS records in the .at zone.

The nic.at Point of View (2) Our T&Cs only concern: The domain itself must not infringe rights. The owner information must be correct We don‘t care what people do with .at domains We can‘t be the arbiter on what’s allowed on the Internet and what not. If you have a complaint: Sue the owner. If you want us to remove a domain, get a clear and valid order from a court. Past jurisdiction (and not just in Austria) supports this approach.

No action should be taken by the Registry. The nic.at conclusion: No action should be taken by the Registry. If we start to block domains because they might be used for something nefarious, we open a big can of worms. Typosquatting Phishing Scams … That was the plan as of March, 27th 2009

AcoCERT (the CERT of the Austrian NREN) stepped up What did we end up with? AcoCERT (the CERT of the Austrian NREN) stepped up Longstanding cooperation nic.at / Aconet / University of Vienna “Conficker Research Project” They run nameservers, sinkholes nic.at waived the registration fees We shared the sinkhole data NO change in the takedown procedures

Avoid crying wolf too often Future This was an emergency People tend to help each other in emergencies Rules were bent This is not the “war on terror”: we will declare this emergency to be over rather soon Avoid crying wolf too often Registries will revert to their previous stance This is not the start of a new era The next worm will likely be ignored by the registries