Security Through Obscurity Considered Dangerous

Hiding security vulnerabilities in algorithms, software, and/or hardware decreases the likelihood they will be repaired and increases the likelihood that they can and will be exploited by evil-doers. Discouraging or outlawing discussion of weaknesses and vulnerabilities is extremely dangerous and deleterious to the security of computer systems, the network, and its citizens

Configuration Management and Security

Proper configuration management is vital for host and network security. We outline the problems, especially for large-scale environments, and discuss the security aspects of a number of different configuration scenarios, including security appliances (e.g., firewalls), desktop and server computers, and PDAs. We conclude by discussing research challenges

Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering

A proposal to improve routing security---Route Origin Authorization (ROA)---has been standardized. A ROA specifies which network is allowed to announce a set of Internet destinations. While some networks now specify ROAs, little is known about whether other networks check routes they receive against these ROAs, a process known as Route Origin Validation (ROV). Which networks blindly accept invalid routes? Which reject them outright? Which de-preference them if alternatives exist? Recent analysis attempts to use uncontrolled experiments to characterize ROV adoption by comparing valid routes and invalid routes. However, we argue that gaining a solid understanding of ROV adoption is impossible using currently available data sets and techniques. Our measurements suggest that, although some ISPs are not observed using invalid routes in uncontrolled experiments, they are actually using different routes for (non-security) traffic engineering purposes, without performing ROV. We conclude with a description of a controlled, verifiable methodology for measuring ROV and present three ASes that do implement ROV, confirmed by operators

A Multi-perspective Analysis of Carrier-Grade NAT Deployment

As ISPs face IPv4 address scarcity they increasingly turn to network address translation (NAT) to accommodate the address needs of their customers. Recently, ISPs have moved beyond employing NATs only directly at individual customers and instead begun deploying Carrier-Grade NATs (CGNs) to apply address translation to many independent and disparate endpoints spanning physical locations, a phenomenon that so far has received little in the way of empirical assessment. In this work we present a broad and systematic study of the deployment and behavior of these middleboxes. We develop a methodology to detect the existence of hosts behind CGNs by extracting non-routable IP addresses from peer lists we obtain by crawling the BitTorrent DHT. We complement this approach with improvements to our Netalyzr troubleshooting service, enabling us to determine a range of indicators of CGN presence as well as detailed insights into key properties of CGNs. Combining the two data sources we illustrate the scope of CGN deployment on today's Internet, and report on characteristics of commonly deployed CGNs and their effect on end users

HAIR: Hierarchical Architecture for Internet Routing

Super-linear routing table growth, high update churn, lack of mobility and security, insufficient support for multi-homing and traffic engineering are some of the significant deficiencies of today’s Internet. More and more researchers are convinced that these shortcomings cannot be resolved by incremental and band-aid solutions. In this paper, we introduce HAIR, a scalable routing architecture for the future Internet. It addresses many of the problems the Internet is facing today. The focus is on limiting routing table size and update churn while supporting legacy hosts and avoiding unnecessary burden for transit providers. The key idea is to combine a hierarchical routing approach with locator/identifier separation: The routing as well as the mapping system are organized in a hierarchical manner where updates to both systems are not globally visible as far as possible. First experiences with a prototype implementation are promising and demonstrate a potential migration path where legacy devices are supported as well

Caractérisation de la table de routage BGP

International audienceBGP routing table growth is one of the major Internet scaling issues, and prefix deaggregation is thought to be a major contributor to table growth. In this work we quantify the fragmentation of the routing table by the type of IP prefix. We observe that the proportion of deaggregated prefixes has quasi doubled in the last fifteen years. Our study also shows that the deaggregated prefixes are the least stable; they appear and disappear more frequently. While we can not see significant differences in path prepending between the categories, deaggregated prefixes do tend to be announced more selectively, indicating traffic engineering. We find cases where lonely prefixes are actually deaggregation in disguise. Indeed, some large transit ISPs advertise many lonely prefixes when they own the covering prefix. We show the extents of this practice that has a negative impact on the routing table even though it could usually be avoided.La croissance de la table de routage BGP est un des problèmes majeurs de l'expansion d'Internet, et la désaggrégation des préfixes semble être la cause principale de cette croissance. Dans cet article, nous quantifions la fragmentation de la table de routage BGP en classant les préfixes IP par type. Nous observons que la proportion de préfixes désaggrégés a doublé dans les quinze dernières années. Nous montrons également que ces préfixes sont les moins stables: ils apparaissent et disparaissent plus fréquemment. Malgrés le taux similaire de path prepending pour les différentes catégories de préfixes, les préfixes désaggrégés ont tendance à être annoncés sélectivement, indiquant de l'ingénierie de trafic. Une partie des préfixes solitaires sont en réalité désaggrégés. En effet, certains grands FAI annoncent un grand nombre de préfixes solitaires alors qu'ils possèdent le préfixe les couvrant. Nous dévoilons l'étendue de cette pratique qui a un effet non négligeable sur la fragmentation de la table de routage alors qu'elle pourrait généralement être évitée

Expanding International Email Connectivity-- Another Look

12 pagesUnlike the situation of thirty years ago, when almost all important scientific work occurred in Western countries, the scientific community is becoming increasingly international. Important work and areas of study occur all over the world. Collaborations and ability to access sources of data and other resources are increasingly important to scientific progress. In many fields, we see more and more inter-institutional collaborations on research and papers that draw on the strengths of each of these institutions. Exchanges of ideas and collaboration and review of proposals should not be limited to one country, or even to developed areas. Especially in such areas as the health and social sciences and in all of the various fields that study "global and environmental future" issues, participation of scientists in developing areas has become crucial. This is true whether the scientists themselves are indigenous to, or visiting in, those areas; indeed, as the community becomes more international, the distinction between the two is gradually becoming less clear