Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSAC Overview May 23, 2006 Steve Crocker

Published byNoah Carlson Modified over 10 years ago

Similar presentations

Presentation on theme: "SSAC Overview May 23, 2006 Steve Crocker"— Presentation transcript:

1 SSAC Overview May 23, 2006 Steve Crocker steve@shinkuro.com steve@shinkuro.com

2 2 SSAC Role Security and stability expertise Advice to… –ICANN board –ICANN staff –ICANN advisory committees –ICANN supporting organizations –Community at large Advice only -- no formal authority Both responsive and proactive

3 3 History Exploratory meeting in Nov 2001 Decision to form committee Recruiting, kick off in spring 2002 Same chair from beginning Periodic review of membership

4 4 Structure Advisory committee of experts –Registries, Registrars, Address, Security, Research –Geographic breadth –No bureaucrats, attorneys, politicians Volunteer, unpaid –Staff support -- SSAC Fellow, Exec

5 5 SSAC Members (1) Alain Aina Jaap Akkerhuis KC Claffy Steve Crocker, chair Johan Ihren Rodney Joffe

6 6 SSAC Members (2) Mark Kosters Allison Mankin Ram Mohan Russ Mundy Frederico Neves Jon Peterson

7 7 SSAC Members (3) Ray Plzak, vice chair Mike St. Johns Doron Shikmoni Bruce Tonkin Paul A Vixie Suzanne Woolf

8 8 Others Dave Piscitello - ICANN Fellow Jim Galvin - Exec Daniel Karrenberg - Invited Guest Patrik Fältström - Invited Guest Lyman Chapin - Invited Guest, SPE Chair Stefano Trumpy - GAC Liaison Olaf Kolkman - IAB Point of Contact

9 9 Operation & Recruiting Weekly conference calls Team reports –Staff assistance, consensus Presentations at ICANN meetings Looking for experienced, committed experts…

10 10 SSAC Reports, Advisories Usually related to specific incident/issue –Findings, Recommendations Opportunity for explanation of an area –Useful beyond specific incident/issue Broad sense of security and stability –Protection of registrants, users, end- systems

11 11 Past Efforts DNSSEC -- spun off separate initiative Wild card (SiteFinder) episode Domain Name Hijacking Alternate Roots Amplified Distributed Denial of Service (DDoS) Attacks Address filtering at edge

12 12 Current Efforts Whois privacy mechanisms Repurposed domains names

13 13 Other Concerns Integration of IDNs Address validation, routing security

14 14... Attacker Target name server at IP = 10.10.1.1... Open recursive servers Name server bar. (3) Open resolvers ask bar. for record foo (4) bar. responds with record foo (4000 byte DNS TXT RR) (5) Open resolvers send DNS response with (4000 byte DNS TXT RR) to target name server (1) Attacker directs zombies to begin attack (2) All zombies send DNS query for record foo in domain bar. to open recursive servers and set source IP=10.10.1.1 Zombies Anatomy of the DDoS Attack

15 15 DDoS Recommendations Not just a DNS issue Stop forged return IP addresses –Prior advice -- BCP 38, SAC 004, etc. Take protective action as needed

Download ppt "SSAC Overview May 23, 2006 Steve Crocker"

Similar presentations

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.
Testing IPv6 Address Records in the DNS Root APNIC 23 February 2007 Geoff Huston Chief Scientist APNIC.

Testing IPv6 Address Records in the DNS Root APNIC 23 February 2007 Geoff Huston Chief Scientist APNIC.
Reverse DNS SIG Summary Report APNIC Annual Member Meeting Bangkok, March 7 2002.

Reverse DNS SIG Summary Report APNIC Annual Member Meeting Bangkok, March
1 MyAPNIC Project update Database SIG APNIC 23, Bali 28 February 2007.

1 MyAPNIC Project update Database SIG APNIC 23, Bali 28 February 2007.
The Global Internet ICTFEST 2006 Antigua and Barbuda Jacob Malthouse Liaison Internet Corporation for Assigned Names and Numbers.

The Global Internet ICTFEST 2006 Antigua and Barbuda Jacob Malthouse Liaison Internet Corporation for Assigned Names and Numbers.
The ICANN Experiment ISOC-Israel 13-March-2000 Andrew McLaughlin.

The ICANN Experiment ISOC-Israel 13-March-2000 Andrew McLaughlin.
ICANN Security and Stability Advisory Committee ICANN Meetings Carthage October 30, 2003.

ICANN Security and Stability Advisory Committee ICANN Meetings Carthage October 30, 2003.
The Wild Card Incident of 9/15/2003 Steve Crocker Chair Security and Stability Advisory Committee.

The Wild Card Incident of 9/15/2003 Steve Crocker Chair Security and Stability Advisory Committee.
Generic Names Supporting Organisation Bruce Tonkin Chair, GNSO Council.

Generic Names Supporting Organisation Bruce Tonkin Chair, GNSO Council.
ICANN Security and Stability Advisory Committee ICANN Meetings Shanghai October 30, 2002.

ICANN Security and Stability Advisory Committee ICANN Meetings Shanghai October 30, 2002.
GNSO goals Bruce Tonkin Chair, GNSO Council Sao Paulo, 4 Dec 2006.

GNSO goals Bruce Tonkin Chair, GNSO Council Sao Paulo, 4 Dec 2006.
1 Update on New gTLD PDP Joint GAC/GNSO meeting Avri Doria Chair, GSNO Council 2007.06.24 San Juan, Puerto Rico.

1 Update on New gTLD PDP Joint GAC/GNSO meeting Avri Doria Chair, GSNO Council San Juan, Puerto Rico.
Whois Task Force GNSO Public Forum Wellington March 28, 2006.

Whois Task Force GNSO Public Forum Wellington March 28, 2006.
The ICANN Experiment CainetCainet 2000 8-3-00 Andrew McLaughlin.

The ICANN Experiment CainetCainet Andrew McLaughlin.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
Sep 2008ALAC Webinar 1 DNS Response Modification David Piscitello Senior Security Technologist ICANN.

Sep 2008ALAC Webinar 1 DNS Response Modification David Piscitello Senior Security Technologist ICANN.
IDN Variant Issues Project (VIP) Project Update and Next Steps 11 April 2012.

IDN Variant Issues Project (VIP) Project Update and Next Steps 11 April 2012.
DNS Security and Stability Analysis Working Group (DSSA) DSSA Update Prague – June, 2012.

DNS Security and Stability Analysis Working Group (DSSA) DSSA Update Prague – June, 2012.
International Telecommunication Union ENUM Issues and Solutions Houlin Zhao Director Telecommunication Standardization Bureau International Telecommunication.

International Telecommunication Union ENUM Issues and Solutions Houlin Zhao Director Telecommunication Standardization Bureau International Telecommunication.
2001_03_28 SG A contribution– 1 Dept of State ITAC-T Advisory Committee SG-A Ad Hoc Meeting on ENUM March 28th & 29th, 2001 ENUM CONTRIBUTION TITLE: ENUM.

2001_03_28 SG A contribution– 1 Dept of State ITAC-T Advisory Committee SG-A Ad Hoc Meeting on ENUM March 28th & 29th, 2001 ENUM CONTRIBUTION TITLE: ENUM.

Similar presentations

Ads by Google