Desktop Site
Overview | Whitepapers | Tools

Whitepapers

Buy it, Use it, Break it, Fix It. Crash it, Change it, Now upgrade it.

Reporting With Cassandra

Author: Jose Avila | Date: January 1, 2013

Quite commonly the need arises to analyze data over time and provide quick and easy access to those statistics via a dashboard. Providing access to real time stats can be difficult as the quantity of data being analyzed grows. This article will cover one potential solution for storing, and querying statistical data with Apache Cassandra for real time report generation.

Download PDF HERE

LOCATION AWARE DDOS ATTACKS

Author: JOSE AVILA | Date: June 17, 2010

The future is coming and change is inevitable! This presentation will dive into how content delivery networks currently announce their networks, and how this may change as a proposed IETF draft gets implemented. The draft allows for an EDNS0 extension to relay source network information to authoritative name-servers. With Google, NeuStar, and Name.com sitting as the heavy backers to this draft, it will most definitely affect some of the largest networks on the planet. Botnets have historically relied on DNS for both hiding their networks and determining their targets. Attackers could leverage this extension to provide an in depth knowledge of a network's geographical layout, in order to launch targeted distributed denial of service attacks!

Download PDF HERE

Recursive DNS Cache Auditing

Author: Jose Avila | Date: July 25, 2008

Dan Kaminsky of IOActive recently discovered a flaw in multiple DNS server implementations. The flaw is detailed in US-Cert Vulerability Note VU#800113. Dan coordinated efforts with multiple experts, including Paul Vixie, to organize what could arguably be one of the most responsible disclosures conducted in this industry. This disclosure and subsequent release involved multiple vendors meeting together to discuss issues, and courses of action, and then simultaneously releasing patches to the public. In the months leading up to the public release, Jose Avila of ONZRA discussed the need for an open source solution for detecting cache poisoning events with Dan. This white paper provides a brief background on DNS as it relates to cache auditing, a method for auditing recursive DNS server caches, and the details of CacheAudit, which is based on these auditing methods.

Download PDF HERE
Have a look our tools »
ONZRA's creative thinking about security and innovative attack strategies were extremely impressive. Their team has an amazing ability to discover vulnerabilities that other auditors had missed. It's obvious that ONZRA draws from a long background in security research using techniques developed in-house rather than a check list of best practices. We worked together to implement the needed remediation and the level of customer service I received was a great experience.
Aaron Markham
VP of Content Security
Technicolor