Presenter: Mark Elkins Topic: Things not getting done.

Slides:



Advertisements
Similar presentations
Copyright (c) 2002 Japan Network Information Center Introduction of JPNICs New Registry System Izumi Okutani IP Address Section Japan Network Information.
Advertisements

Internet Protocol Security (IP Sec)
Enabling Secure Internet Access with ISA Server
Internet Number Resources 1. Internet IPv4 addresses IPv6 addresses Autonomous System number Fully Qualified Domain Name Key Internet resources.
APNIC Internet Routing Registry Routing SIG APNIC-15, Taipei 26 February 2003.
IPv6 deployment metrics using.JP domain APNIC February 2004 Kenichi Kanayama Intec NetCore, Inc.
Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.
1 Muhammed Rudman
IPv4 Depletion IPv6 Adoption 3 February /8s Remaining.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to IPv4 Introduction to Networks.
IPv4 Run Out and Transitioning to IPv6 Marco Hogewoning Trainer, RIPE NCC.
17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.
APNIC Member Services George Kuo. MyAPNIC 2 What is MyAPNIC A secure Member services website Internet resources management, for example: –Whois updates.
IPv6: The Future of the Internet? July 27th, 1999 Auug.
The Aerospace Clinic 2002 Team Members Nick Hertl (Project Manager) Will Berriel Richard Fujiyama Chip Bradford Faculty Advisor Professor Michael Erlinger.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
The Internet Useful Definitions and Concepts About the Internet.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Update and Discussions on Technology Initiatives TSAG Meeting 4/11/02.
Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.
TCP/IP Addressing Design. Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
Network LANscape Servers & Equipment Found In a Typical Local Area Network (LAN) By George Squillace New Horizons of MichiganGeorge Squillace MCT, MCSE,
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Human-Computer Interface Course 5. ISPs and Internet connection.
ProtectionProfiles. 2 Fortinet Technologies Protection Profiles Protection profiles control t the type of traffic protected t HTTP t FTP t IMAP t POP3.
Internet-Based Client Access
 TCP/IP is the communication protocol for the Internet  TCP/IP defines how electronic devices should be connected to the Internet, and how data should.
Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.
Chapter 10 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Explain how the functions of the application layer,
Layer 4 of the TCP/IP protocol stack: Application level Services: TELNET, FTP, SMTP, HTTP, DNS, RIP, NFS Hierarchy of protocols and services.
Chapter 6: Packet Filtering
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Services Working at a Small-to-Medium Business or ISP – Chapter 7.
HOW ACCESS TO WWW Student Name : Hussein Alkhaldi.
1 San Diego, California 25 February Securing Routing: RPKI Overview Mark Kosters Chief Technology Officer.
Csci5233 Computer Security1 Bishop: Chapter 27 System Security.
1 The Firewall Menu. 2 Firewall Overview The GD eSeries appliance provides multiple pre-defined firewall components/sections which you can configure uniquely.
Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.
Component 9 – Networking and Health Information Exchange Unit 1-1 ISO Open Systems Interconnection (OSI) This material was developed by Duke University,
Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.
Access Control List (ACL)
1 Introductory material. This module illustrates the interactions of the protocols of the TCP/IP protocol suite with the help of an example. The example.
Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
TSAG Meeting 1/09/02 Update on Current Technology Initiatives Steven Fitzgerald.
1 Madison, Wisconsin 9 September14. 2 Security Overlays on Core Internet Protocols – DNSSEC and RPKI Mark Kosters ARIN Engineering.
TCP/IP (Transmission Control Protocol / Internet Protocol)
Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.
LO1 Know types of Network Systems and Protocols. Application Layer Protocols.
INTERNET PROTOCOLS. Microsoft’s Internet Information Server Home Page Figure IT2031 UNIT-3.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
Security fundamentals Topic 9 Securing internet messaging.
Cisco Discovery Semester 1 Chapter 6 JEOPADY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.
Transmission Control Protocol (TCP) Internet Protocol (IP)
Protocols Monil Adhikari. Agenda Introduction Port Numbers Non Secure Protocols FTP HTTP Telnet POP3, SMTP Secure Protocols HTTPS.
AFRINIC Update Madhvi Gokool Registration Service Manager RIPE66 meeting, Dublin May 2013.
Access Control List (ACL) W.lilakiatsakun. Transport Layer Review (1) TCP (Transmission Control Protocol) – HTTP (Web) – SMTP (Mail) UDP (User Datagram.
TCP/IP Protocol Suite ©Richard L. Goldman September 25, 2002.
AFRINIC Update Adiel A. Akplogan CEO, AFRINIC ARIN-31, Barbados April 2013.
VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.
IPv6 Security Issues Georgios Koutepas, NTUA IPv6 Technology and Advanced Services Oct.19, 2004.
Network Overview. Protocol Protocol (network protocols) - a special set of rules that define communication between two or more devices on a network.
Goals of soBGP Verify the origin of advertisements
Working at a Small-to-Medium Business or ISP – Chapter 7
Welcome To : Group 1 VC Presentation
Working at a Small-to-Medium Business or ISP – Chapter 7
Working at a Small-to-Medium Business or ISP – Chapter 7
Improving global routing security and resilience
By Seferash B Asfa Wossen Strayer University 3rd December 2003
Presentation transcript:

Presenter: Mark Elkins Topic: Things not getting done

Things not getting done Mark Elkins AfriNIC-17

Technical solutions exist and are universally accepted, yet... 1)DNSSEC 2)IPv6 enablement 3)Telnet elimination 4)Egress filtering of routes

DNSSEC The Domain Name System (DNS) set of security extensions which provide some additional levels of security atop DNS This refers both to: – signing zones – operating validating servers ( Using DNSSEC aware applications (dnssec validator) DNSSEC Training ( DANE: DNS-Based Authentication of Named Entities (SSL, SMTP, S/MIME, XMPPetc)

IPv6 Enablement Production implementation of the IPv6 protocol including public accessibility, routing, and availability of all IPv4 public services over IPv6. Get an allocation from AfriNIC (Its often free) Dual Stack your core, Peering and Transit Dual Stack Web, Nameservers and Dual stack your customers

Telnet elimination Should be eliminated in favour of more secure protocols like SSH Consider a similar treatment for – POP3/IMAP –

Egress Filtering of Routes Implementation of security policies at the router level, restricting traffic between networks which do not meet routing policy (BCP38). – Filter to only allow your networks to leave your network

Technical solutions exist but fair minded people debate the need 1)Route Registry 2)Secure HTTP (HTTPS) 3)Route Aggregation 4)Mail Submission

Route Registry Database of routing objects, provided by the RIRs and other organizations, for configuring routers and establishing/maintaining routing policy. – Possible starting point for RPKI

HTTPs Hypertext Transfer Protocol Secure is a preferred communication protocol over the Internet when compared to HTTP alone. We need to encourage implementation by applications. – Combine with DNSSEC and DANE

Route aggregation Active management of routes, routing slots, routing policy, and prefixes to structure IP address blocks into a hierarchical manner optimizing Classless Inter-Domain Routing (CIDR).

Mail Submission Securing the origination of s by blocking port 25 (SMTP) and only accepting s on port 587 (submission) which can be both authenticated (user/passwd) and encrypted (SSL/TLS) – Effectively eliminate SPAM generation from mail robots

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.