whose internet is it anyway
play

Whose Internet Is It, Anyway? Blackhat DC 2010 Andrew Fried, ISC, - PowerPoint PPT Presentation

Apr 02, 2024 •41 likes •381 views

Whose Internet Is It, Anyway? Blackhat DC 2010 Andrew Fried, ISC, SURBL Richard Cox, Spamhaus Ben Butler, GoDaddy How we use the Internet Web Surfing Email Social Networking (Facebook, MySpace,Twitter) Word Processing,

  1. Whose Internet Is It, Anyway? Blackhat DC 2010 Andrew Fried, ISC, SURBL Richard Cox, Spamhaus Ben Butler, GoDaddy

  2. How we use the Internet • Web Surfing • Email • Social Networking (Facebook, MySpace,Twitter) • Word Processing, Spreadsheets, Powerpoint • VoIP

  3. What the bad guys attack • Web Surfing • Email • Social Networking (Facebook, MySpace,Twitter) • Word Processing, Spreadsheets, Powerpoint • VoIP

  4. Who “owns” the Internet • Internet consists of tens of thousands of independently owned and operated networks • Various networks are connected via telecoms, ISPs, and backbone providers • Private peering arrangement between providers • Public peering points that connect the ISPs and Providers No one entity owns the Internet! No one entity is in charge of the Internet.

  5. Your email, Your inbox

  6. Your email, Your inbox

  7. Your email, Your inbox

  8. Your email, Your inbox

  9. Your email, Your inbox

  10. Your email, Your inbox

  11. Your email, Your inbox

  12. Your email, Your inbox

  13. Your email, Your inbox

  14. Your email, Your inbox

  15. Your email, Your inbox

  16. Your email, Your inbox

  17. Your email, Your inbox

  18. Your email, Your inbox

  19. Your email, Your inbox

  20. Your email, Your inbox

  21. Your email, Your inbox

  22. Researcher’s “View” Possible botnets detected: sucipa.vc Host: sessionidVTKFJX5L8ZY.cforms.visa.com.sucipa.vc 183.87.51.225 189.18.108.77 189.192.53.189 189.194.129.62 189.231.5.193 190.213.161.169 201.43.140.52 201.139.142.208 93.177.185.72 94.55.1.250 94.240.225.56 95.104.39.180 118.33.211.102 123.231.59.214 124.25.235.164

  23. Researcher’s “View” uiurluso.cn uivcxwno.cn uivjvvko.cn uivkrsuo.cn uivtyywo.cn uiwpyvbo.cn uiwweoco.cn uiwyhjlo.cn uixaevjo.cn uixdjgfh.cn uixjnrqo.cn uixxmiho.cn uiymdmmo.cn uiyzfkoo.cn uizghezo.cn uizmfmwo.cn ujanxgio.cn

  24. Researchers “View” URL gets captured in the spamtrap: http://alerts.cforms.visa.com.iursedq.com.vc/secureapps/vdir/ cholderform.php? ref=3D224366338567325670281313395621728265132179 86215473428007364284341942084744511&email=XXXX

  25. Researcher’s View The chase is on to put the pieces of the puzzle together

  26. Fake Whois Created On:27-Jan-2010 20:29:24 UTC Last Updated On:27-Jan-2010 20:29:24 UTC Expiration Date:27-Jan-2011 20:29:24 UTC Sponsoring Registrar:IP Mirror Pte. Ltd. (R116-LRCC) Registrant Name:Ayenne Applebaum Registrant Organization: Registrant Street1:6505 Marissa Circle Registrant Street2: Registrant Street3: Registrant City:Lake Worth Registrant State/Province:Lake Worth Registrant Postal Code:58441 Registrant Country:US Registrant Phone:+1.5613123655

  27. It’s a Fast Flux Domain! ;; ANSWER SECTION: iursedq.com.vc. 1800 IN A 115.177.129.136 iursedq.com.vc. 1800 IN A 116.50.154.197 iursedq.com.vc. 1800 IN A 118.33.211.102 iursedq.com.vc. 1800 IN A 189.110.149.105 iursedq.com.vc. 1800 IN A 189.193.229.197 iursedq.com.vc. 1800 IN A 189.194.133.9 iursedq.com.vc. 1800 IN A 189.194.204.79 iursedq.com.vc. 1800 IN A 190.213.161.169 iursedq.com.vc. 1800 IN A 200.95.250.127 iursedq.com.vc. 1800 IN A 201.43.140.52 iursedq.com.vc. 1800 IN A 201.139.142.208 iursedq.com.vc. 1800 IN A 211.255.29.30 iursedq.com.vc. 1800 IN A 69.79.96.70 iursedq.com.vc. 1800 IN A 114.24.3.17 iursedq.com.vc. 1800 IN A 114.186.241.236

  28. View via Passive DNS

  29. View via Passive DNS

  30. Nameserver ; AUTHORITY SECTION: iursedq.com.vc. 1800 IN NS ns1.whiskybrend.net. iursedq.com.vc. 1800 IN NS ns1.nodefront.net. iursedq.com.vc. 1800 IN NS ns2.nodefront.net. iursedq.com.vc. 1800 IN NS ns2.whiskybrend.net.

  31. Ah, more “leads” to chase!

  32. Threat Mitigation - Zeus • Estimates of 600,000 victims • Anti Virus totally ineffective (less than 20% detection rates) • What can be done, and who should do it?

  33. Whack a mole approach Security Researchers • Identify Fraudulent Domains • Identify Associated Nameservers • Enumerate Address Space Internet Service Providers • Shut down web hosting accounts • Null route servers • Remove DNS records • Lock email accounts • Preserve evidence for Domain Registrars • Deregister Domains • Lock accounts • Remove DNS Glue Records

  34. Blackhat DC 2010 Whose Internet Is It, Anyway?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your favourite team? Do you use the internet to watch music videos? Do you use the Internet to read the news? Do you use the Internet to play games? Shared

997 views • 51 slides
Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet Server Client Attack vectors MAN DNS LAN Client Internet Back Bone Router Networking WWW overview MITM (Man In The Middle) 3 2 4 5 LAN

244 views • 23 slides
How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

5/15/2012 How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been tremendously successful From Architecture to Network Has sustained tremendous growth g Supports very diverse set of applications

484 views • 10 slides
IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet

IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet

IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites Robert Bjekovic, University of applied sciences Ravensburg Weingarten, Weingarten, Germany Michael Elwert, University of applied

351 views • 32 slides
Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of

Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of

Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of Networking and Computing, Where Everything Is Intelligently Connected Family device layout. Think weve done in past. Add in printer, electric meter,

397 views • 22 slides
Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet

Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet

Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet Internet is international scope with users on every continent Asians make up 40% of Internet population Europeans about 20% North America

1.01k views • 56 slides
Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement

Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement

Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement Systems Workshop (AIMS) February 6-8, 2013 Ram Durairajan Computer Sciences University of Wisconsin Motivation rkrish@cs.wisc.edu 2

505 views • 33 slides
History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet

History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet

History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet timeline from 1970s until today The Internet today 2 Origins of the Internet J.C.R. Licklider of MIT in August 1962 wrote about the

562 views • 13 slides
Internet routing is based on routing protocols that collect the input data No off-line route

Internet routing is based on routing protocols that collect the input data No off-line route

Introduction to Routing in Internet Internet basics IPv4 and ICMP Internet Addressing ARP - Address Resolution Protocol Routing Information (Distance Vector ) Protocol Principles 3-1 S-38.121 S-02 Rka, NB Internet routing is based on

214 views • 18 slides
1 Internet Email Internet Commercialization SMTP is Internet Email protocol Rapid and

1 Internet Email Internet Commercialization SMTP is Internet Email protocol Rapid and

Background of Chapter Software Infrastructure of the Commercializing Internet Not finished Mostly journalistic Recounting of basic events from secondary sources Focus on interplay between technology and business models Thomas

463 views • 3 slides
CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of

CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of

10/4/16 CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of the Internet in 1990 The Global Internet (And Now) A simple multi-provider Internet 1 10/4/16 The Global Internet Some large

307 views • 12 slides
The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The

The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The

The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The Internet of Things (IoT ). A proposed development of the Internet in which everyday objects have network connectivity, allowing them to send

575 views • 24 slides
The History of the Internet Presented by the St. Martins Episcopal Technology Department

The History of the Internet Presented by the St. Martins Episcopal Technology Department

The History of the Internet Presented by the St. Martins Episcopal Technology Department Agenda Internet History Internet Evolution Internet Pioneers Internet Growth The Future of the Internet Conclusion

540 views • 24 slides
Welcome to the Indian Prairie Librarys Internet Class I What Is the Internet? The Internet

Welcome to the Indian Prairie Librarys Internet Class I What Is the Internet? The Internet

Welcome to the Indian Prairie Librarys Internet Class I What Is the Internet? The Internet is the largest computer network in the world, connecting millions of computers. A network can also be a group of two or more computer systems linked

371 views • 13 slides
Networking 101.101.101.101 The Internet The Internet is governed by a series of protocols

Networking 101.101.101.101 The Internet The Internet is governed by a series of protocols

Networking 101.101.101.101 The Internet The Internet is governed by a series of protocols that form the rules for how communications should happen The Internet is a network of networks. There is no centralized point. There are no

763 views • 34 slides
Introduction to Global Internet Governance Internet Week Guyana 9/13 October 2017

Introduction to Global Internet Governance Internet Week Guyana 9/13 October 2017

Introduction to Global Internet Governance Internet Week Guyana 9/13 October 2017 kevon@lacnic.net What is the Internet? How does it work? Source: ICANN Historical Facts about the Internet 1975: TCP/IP test between two networks (Stanford

634 views • 25 slides
Three Years in the Life of the Spoofer Project Matthew Luckie, Ken Keys, Ryan Koga, Robert

Three Years in the Life of the Spoofer Project Matthew Luckie, Ken Keys, Ryan Koga, Robert

Three Years in the Life of the Spoofer Project Matthew Luckie, Ken Keys, Ryan Koga, Robert Beverly, kc claffy https://spoofer.caida.org/ WTMC, August 20th 2018 w w w . cai da. or Pitch Measurement enables solutions to fundamentally

779 views • 43 slides
USA VOLLEYBALL JUNIOR PLAYER AGE DEFINITION For use during the 2019-2020 Season To determine the

USA VOLLEYBALL JUNIOR PLAYER AGE DEFINITION For use during the 2019-2020 Season To determine the

USA VOLLEYBALL JUNIOR PLAYER AGE DEFINITION For use during the 2019-2020 Season To determine the correct age division, please find the Month of Birth in the left column and then the year of birth in the same row. The heading of the column

228 views • 7 slides
P ARALLELISM ON H ETEROGENEOUS C ACHE - C OHERENT S YSTEMS Moyang Wang, Tuan Ta, Lin Cheng,

P ARALLELISM ON H ETEROGENEOUS C ACHE - C OHERENT S YSTEMS Moyang Wang, Tuan Ta, Lin Cheng,

E FFICIENTLY S UPPORTING D YNAMIC T ASK P ARALLELISM ON H ETEROGENEOUS C ACHE - C OHERENT S YSTEMS Moyang Wang, Tuan Ta, Lin Cheng, Christopher Batten Computer Systems Laboratory Cornell University Page 1 of 26 M ANYCORE P ROCESSORS Motivation

1.12k views • 80 slides
Analysis and modeling of the KAD P2P network Bachelor thesis summary presentation Maximilian

Analysis and modeling of the KAD P2P network Bachelor thesis summary presentation Maximilian

Lehrstuhl f ur Netzarchitekturen und Netzdienste Analysis and modeling of the KAD P2P network Bachelor thesis summary presentation Maximilian Sievert Lehrstuhl f ur Netzarchitekturen und Netzdienste Institut f ur Informatik

569 views • 30 slides
The fight against SPAM An Internet Number Resources

The fight against SPAM An Internet Number Resources

The fight against SPAM An Internet Number Resources Management Perspec5ve By Amreesh D. Phokeer 04/12/2015 Overview 1. Background 2. Sta2s2cs 3.

474 views • 32 slides
On Measuring the Client- Side DNS Infrastructure Kyle Schomp , Tom Callahan, Michael

On Measuring the Client- Side DNS Infrastructure Kyle Schomp , Tom Callahan, Michael

On Measuring the Client- Side DNS Infrastructure Kyle Schomp , Tom Callahan, Michael Rabinovich , Mark Allman Case Western Reserve University International Computer Science Institute 10/23/2013 ACM IMC 2013 1 Motivation

1.07k views • 64 slides
Fourth Quarter 2014 Investor Call M. Terry Turner, President and CEO Harold R. Carpenter, EVP

Fourth Quarter 2014 Investor Call M. Terry Turner, President and CEO Harold R. Carpenter, EVP

Fourth Quarter 2014 Investor Call M. Terry Turner, President and CEO Harold R. Carpenter, EVP and CFO January 21, 2015 Safe Harbor Statements Forward-looking statements Certain of the statements in this presentation may constitute

805 views • 54 slides
Identifying Video Spammers in Online Social Networks Fabrcio Benevenuto 1 , Tiago Rodrigues 1 ,

Identifying Video Spammers in Online Social Networks Fabrcio Benevenuto 1 , Tiago Rodrigues 1 ,

Identifying Video Spammers in Online Social Networks Fabrcio Benevenuto 1 , Tiago Rodrigues 1 , Virglio Almeida 1 , Jussara Almeida 1 , Chao Zhang 2 , Keith Ross 2 1 Federal University of Minas Gerais Brazil 2 Polytechnic University New

311 views • 17 slides

More recommend