Working Group #4: Network Security Best Practices March 22, 2012 Presenter: Tony Tauber, Comcast WG #4 Member Via teleconference: Rod Rasmussen, Internet.

Slides:



Advertisements
Similar presentations
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
Advertisements

Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
DirectAccess Infrastructure Planning and Design Published: October 2009 Updated: November 2011.
Implementation Council Meeting Structure and Resources Background: The Implementation Council (Council) roles and responsibilities are described in the.
FCC CSRIC III Working Group 4 Network Security Best Practices Rodney Joffe SVP and Senior Technologist, Neustar, Inc.
ICANN/ccTLD Agreements: Why and How Andrew McLaughlin Monday, January 21, 2002 TWNIC.
Working Group 11: Consensus Cyber Security Controls March 14, 2013 Alan Paller, SANS Institute Marcus Sachs, Verizon Communications WG 11 Co-Chairs.
Working Group #3 E9-1-1 Location Accuracy December 16, 2011 Craig Frost, Verizon Wireless, Co-Chair Stephen J. Wisely, APCO International, Co-Chair.
ChowSCOLD1 Secure Collective Defense Network (SCOLD) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.
Arbor Multi-Layer Cloud DDoS Protection
1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.
Introduction to ICANN’s new gTLD program. A practical example: the Dot Deloitte case. Jan Corstens, Partner, Deloitte WIPO Moscow, 9 Dec 2011.
New.net and Multilingual Names Andrew Duff Director of Mktg and Policy, New.net December 2001.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
Transition of U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) Stewardship of the IANA Functions to the Global.
Addressing of Internet Koji OKAMURA Kyushu University.
Harness Your Internet Activity. Zeroing in On Zero Days DNS OARC Spring 2014 Ralf Weber
1 ARIN: Mission, Role and Services John Curran ARIN President and CEO.
Working Group #4: Network Security – Best Practices March 6, 2013 Presenters: Rod Rasmussen, Internet Identity Tony Tauber, Comcast WG #4.
GOMC Organizational Assessment Progress to Date Joan LeBlanc GOMC Council Coordinator.
APNIC Update RIPE 59 October Overview APNIC Services Update APNIC 28 policy outcomes APNIC Members and Stakeholder Survey Next APNIC Meetings.
Working Group 6: Secure BGP Deployment December 16, 2011 Andy Ogielski, Renesys Jennifer Rexford, Princeton U. WG 6 Co-Chairs.
Draft-mickles-v6ops-isp-cases-01.txt September 19, 2002 Cleveland Mickles V6OPS ISP Breakout Session.
SECURITY WG Paul Howell, Eric Boyd Internet2 © 2015 Internet2.
Update on IPv6 Transition U.S. Federal IPv6 Task Force Jane Coffin Co-Chair of the U.S. Federal IPv6 Task Force August 2011 – CITEL PCC.I, Mar del Plata,
DNS Security Pacific IT Pros Nov. 5, Topics DoS Attacks on DNS Servers DoS Attacks by DNS Servers Poisoning DNS Records Monitoring DNS Traffic Leakage.
SAON Data Management Workshop Report June 7-8, 2010, Norway Recommendations (Extracted by Jan René Larsen, 25 September 2012),
Infrastructure Attack Vectors and Mitigation Benno Overeinder NLnet Labs.
BCOP on Anti-Spoofing Long known problem Deployment status Reason for this work Where more input needed.
 Cross Community Working Group to Develop an IANA Stewardship Transition Proposal on Naming Related Functions (CWG) DRAFT TRANSITION PROPOSAL.
ESnet Site Coordinators Committee (ESCC): IPv6 Activities & Directions Phil DeMar (ESCC Chair) HEPix IPv6 Workshop (CERN) June 22, 2011.
FCC CSRIC III Working Group 5 DNSSEC Implementation Practices Steve Crocker CEO, Shinkuro, Inc. March 6, 2013 Working Group 5: DNSSEC.
ICANN Root Name Server System Advisory Committee March 2, 1999 SUNTEC Convention Center Singapore.
Building a More Trusted and Secure Internet RIPE 70, May
A Strawman for Discussion by Dottie Stockstill & Greg Ramon Special ERCOT Board Meeting June 24, 2003.
Working Group #4: Network Security Best Practices September 12, 2012 Presenter: Rod Rasmussen, Internet Identity WG #4 Co-Chair.
Transfers Task Force Briefing ICANN Domain Names Council Meeting March 12, 2002 Registry Registrar BRegistrar A.
FUTURE INTERNET: PROPOSAL “PROBLEMS IN CURRENT INTERNET” M S Siddiqui [ID ] Networking LAB, KHU
* Agenda  What is the DNS ?  Poisoning the cache  Short term solution  Long term solution.
DNS Session 5 Additional Topics Joe Abley AfNOG 2006, Nairobi, Kenya.
International Speedway Boulevard Stakeholders Task Force (STF) Meeting 1 Wednesday, May 19, 2010.
Working Group 5: Cybersecurity Information Sharing Status Update December 3, 2015 Christopher Boyer, Co-Chair (AT&T) Rod Rasmussen, Co-Chair (IID) Brian.
Working Group 1: Evolving 911 Services Status Update September 21, 2015 Jeff Cohen, Co-Chair (APCO International) Susan Sherwood, Co-Chair (Verizon)
DNS Security 1. Fundamental Problems of Network Security Internet was designed without security in mind –Initial design focused more on how to make it.
Working Group 1: Evolving 911 Services Status Update December 3, 2015 Jeff Cohen, Co-Chair (APCO International) Susan Sherwood, Co-Chair (Verizon)
Working Group 3: Emergency Alert Systems Status Update September 21, 2015 Steve Johnson, Co-Chair National Cable & Telecommunications Association Kelly.
Working Group 6: Secure Hardware and Software – Security by Design Status Update September 21, 2015 Joel Molinoff, Co-Chair (CBS) Brian Scarpelli, Co-Chair.
How to use the Internet Ikjun Yeom. How to send a packet  buy a computer  make sure that the computer is equipped with a network interface card  find.
Working Group 6: Secure Hardware and Software – Security by Design Status Update December 3, 2015 Joel Molinoff, Co-Chair (CBS) Brian Scarpelli, Co-Chair.
Working Group 6: Secure BGP Deployment March 22, 2012 Andy Ogielski, Renesys Jennifer Rexford, Princeton U. WG 6 Co-Chairs.
Feb, 2008 KRNIC of NIDA KRNIC Activity in 2007.
Working Group 4: DNS/Routing Interim Solutions December 16, 2011 Rodney Joffe WG 4 Chair.
Working Group 6: Secure BGP Deployment September 23, 2011 Andy Ogielski, Renesys Jennifer Rexford, Princeton U. WG 6 Co-Chairs.
Section 4.9 Work Group Members Kris Hafner, Chair, Board Member Rob Kondziolka, MAC Chair Maury Galbraith, WIRAB Shelley Longmuir, Governance Committee.
Interdomain Multicast BCP Draft IETF 84 Vancouver, BC Robert Sayko
Working Group 8: Priority Services CSRIC V Meeting March 16, 2016 Thomas Anderson, Co-Chair (Cisco) Bill Reidway, Co-Chair (Neustar)
Working Group 1: Evolving 911 Services Status Update March 16, 2016 Jeff Cohen, Co-Chair (APCO International) Susan Sherwood, Co-Chair (Verizon)
CIIMS Proposal for TOP-003 Approach Stacen Tyskiewicz WECC CIIMS Chair March 22, 2016.
Monitoring, analyzing and cleaning DNS configuration errors across European NRENs Slavko Gajin University of Belgrade, Serbia
One Hop for RPKI, One Giant Leap for BGP Security Yossi Gilad (Hebrew University) Joint work with Avichai Cohen (Hebrew University), Amir Herzberg (Bar.
Capacity Building in: GEO Strategic Plan 2016 – 2025 and Work Programme 2016 Andiswa Mlisa GEO Secretariat Workshop on Capacity Building and Developing.
DNS Security Risks Section 0x02. Joke/Cool thing traceroute traceroute c
Jim McEachern Senior Technology Consultant ATIS July 8, 2015.
Zueyong Zhu† and J. William Atwood‡
Terms and Conditions Review 2011
Valerie Cardwell, Comcast
CIIMS Proposal for TOP-003 Approach
CBP Biennial Strategy Review System
Senior Friendly Community Plan
Improving global routing security and resilience
Presentation transcript:

Working Group #4: Network Security Best Practices March 22, 2012 Presenter: Tony Tauber, Comcast WG #4 Member Via teleconference: Rod Rasmussen, Internet Identity WG #4 Co-Chair

2 Working Group #4: Network Security  Description: This Working Group will examine and make recommendations to the Council regarding best practices to secure the Domain Name System (DNS) and routing system of the Internet during the period leading up to the successful global implementation of the Domain Name System Security Extensions (DNSSEC) and Secure BGP (Border Gateway Protocol) extensions.  Duration: Sept – Mar. 2013

Working Group #4 – Participants  Co-Chairs  Rod Rasmussen – Internet Identity  Rodney Joffe – Neustar  Participants  30 Organizations represented  Service Providers  Network Operators  Academia  Government  IT Consultants 3

Working Group #4 - Current Work Activity  Clarification of Scope  Things we can do “now” – current HW/SW, no changes in protocols or new technologies needed  Focus on things that will be of value even if/when protocol extensions (DNSSEC/Secure Routing) are implemented  Domain Name Service (DNS)  BGP and Inter-Domain Routing  Issues requiring CSRIC membership input: potential overlaps with WG-5 and WG-6 – will monitor and seek advice as necessary 4

Working Group 4 - Work Completed  Preliminary “matrix” of DNS issues including problem space, ISP roles, challenges and started on short list of solutions  Identified candidate issues affecting the routing space (BGP) that can be addressed today via BCP’s and operational updates.  Created workspace for group collaboration and documentation 5

Working Group 4 - Work Completed  Primary DNS issues identified  DNS Cache poisoning attacks  Hacking or misconfiguration of DNS servers  DNS and domain name hijacking  DNS servers used for reflective, DNS amplification DDOS attacks  Rewriting of authoritative DNS responses to other values  Customers infected with DNS manipulating malware  Insecure zone transfers  Routing issues identified  Spoofing of addresses not routed by customer/peer  Hijacking/falsification of IP ownership by customers  Route hijacking via peering partners or on the wider Internet 6

Working Group 4 - Next Steps  Preliminary report to be drafted for June 2012 CSRIC meeting  Flesh out issues/actors/recommendations matrices for DNS and routing  Final agreement within the group on issues to be covered and reported out from the working group  Collection and collation of solutions and practices to provide advisory portion of the report 7

Working Group 4 – Project Timeline  Identify stakeholders; detail problem space and challenges of stakeholders; provide example solutions – June, 2012  Identify full set of potential solutions- September, 2012  Draft report on recommendations for best practices – December, 2012  Final report – March, 2013  Teleconferences bi-weekly – Fridays 1330 Eastern 8

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.