Remote MIB-item look-up service

Despite some deficiencies, the Internet management framework is widely deployed and thousands of management information base (MIB) modules have been defined thus far. These modules are used by implementers of agent software, as well as by managers and management applications, to understand the syntax and semantics of the management information that may be exchanged. At the manager's side, MIB modules are usually stored in separate files, which are maintained by the human manager and read by the management application. Since maintenance of this file repository can be cumbersome, management applications are often confronted with incomplete and outdated information. To solve this "meta-management" problem, this paper discusses the design of a remote look-up service for MIB-item definitions. Such a service facilitates the retrieval of missing MIB module definitions, as well as definitions of individual MIB-items. Initially the service may be provided by a single server, but other servers can be added at later stages to improve performance and prevent copyright problems. It is envisaged that vendors of network equipment will also install servers, to distribute their vendor specific MIB. The paper describes how the service, which is provided on a best effort basis, can be accessed by managers/management applications, and how servers inform each other about the MIB modules they support

Passive Observations of a Large DNS Service:2.5 Years in the Life of Google

In 2009 Google launched its Public DNS service, with its characteristic IP address 8.8.8.8. Since then, this service has grown to be the largest and most well-known DNS service in existence. The popularity of public DNS services has been disruptive for Content Delivery Networks (CDNs). CDNs rely on IP information to geo-Iocate clients. This no longer works in the presence of public resolvers, which led to the introduction of the EDNSO Client Subnet extension. ECS allows resolvers to reveal part of a client's IP address to authoritative name servers and helps CDNs pinpoint client origin. A useful side effect of ECS is that it can be used to study the workings of public DNS resolvers. In this paper, we leverage this side effect of ECS to study Google Public DNS. From a dataset of 3.7 billion DNS queries spanning 2.5 years, we extract ECS information and perform a longitudinal analysis of which clients are served from which Point-of-Presence. Our study focuses on two aspects of GPDNS. First, we show that while GPDNS has PoPs in many countries, traffic is frequently routed out of country, even if that was not necessary. Often this reduces performance, and perhaps more importantly, exposes DNS requests to state-level surveillance. Second, we study how GPDNS is used by clients. We show that end-users switch to GPDNS en masse when their ISP's DNS service is unresponsive, and do not switch back. We also find that many e-mail providers configure GPDNS as the resolver for their servers. This raises serious privacy concerns, as DNS queries from mail servers reveal information about hosts they exchange mail with. Because of GPDNS's use of ECS, this sensitive information is not only revealed to Google, but also to any operator of an authoritative name server that receives ECS-enabled queries from GPDNS during the lookup process

Whom do we trust - Booters and SSL/TLS certificates

SPRING 2016, 11th edition of the SPRING series, is a single-track event that was sponsored by the special interest group Security – Intrusion Detection and Response (SIDAR) of the German Informatics Society (GI). The purpose of SPRING is to provide young researchers the opportunity to discuss their work with other students and specialists in the research area of IT security. In particular, SPRING is a venue for presentation of early-stage research and solicits submission of scientific papers presenting novel research on malware analysis, intrusion detection, and related systems security topics. As per our tradition, SPRING encourages submissions from the following broad areas: Analysis of vulnerabilities, intrusion detection, malware, incident management and forensics. This year the SPRING 2016 graduate workshop was held in Darmstadt, Germany, and was hosted at the University of Applied Sciences. SPRING took place from the 2nd to the 3rd of June 2016 and was the eleventh edition of the graduate workshop on IT security. It followed the successful events in Neubiberg in 2015, Bochum in 2014, Munich in 2013, Berlin in 2012, Bochum in 2011, Bonn in 2010, Stuttgart in 2009, Mannheim in 2008, Dortmund in 2007 and Berlin in 2006. SPRING 2016 was organized in a 2-day program to encourage interactions between all participants. The program consists of a main track and opening research keynotes. The presented volume includes all extended abstracts presented at SPRING 2016 as defined within the overall final program

Observations of Mira stars with the IOTA/FLUOR interferometer and comparison with Mira star models

We present K'-band observations of five Mira stars with the IOTA interferometer. The interferograms were obtained with the FLUOR fiber optics beam combiner, which provides high-accuracy visibility measurements in spite of time-variable atmospheric conditions. For the M-type Miras X Oph, R Aql, RU Her, R Ser, and the C-type Mira V CrB we derived the uniform-disk diameters 11.7mas, 10.9mas, 8.4mas, 8.1mas, and 7.9mas (+/- 0.3mas), respectively. Simultaneous photometric observations yielded the bolometric fluxes. The derived angular Rosseland radii and the bolometric fluxes allowed the determination of effective temperatures. For instance, the effective temperature of R Aql was determined to be 2970 +/- 110 K. A linear Rosseland radius for R Aql of (250 +100/-60) Rsun was derived from the angular Rosseland radius of 5.5mas +/- 0.2mas and the HIPPARCOS parallax of 4.73mas +/- 1.19mas. The observations were compared with theoretical Mira star models of Bessel et al. (1996) and Hofmann et al. (1998). The effective temperatures of the M-type Miras and the linear radius of R Aql indicate fundamental mode pulsation.Comment: 12 pages, 4 postscript figure

Tangled:A Cooperative Anycast Testbed

Anycast routing is an area of studies that has been attracting interest of several researchers in recent years. Most anycast studies conducted in the past relied on coarse measurement data, mainly due to the lack of infrastructure where it is possible to test and collect data at same time. In this paper we present Tangled, an anycast test environment where researchers can run experiments and better understand the impacts of their proposals on a global infrastructure connected to the Internet