
Command and Control

How to Enhance Threat Intelligence with Newly Observed Domains

Domain names life cycle… Domain names are used as a way to abstract the location of the related application or service and hide its IP address from the user. It is much easier to remember a meaningful name than a meaningless IP address, particularly when it comes to IPv6 addresses. Before anything else, one needs to register the new domain name with a domain name registrar. This corresponds to reserving the name so no one else can use it from then...

Enhancing IoT Security with DNS CQF

IoT devices are popping up every second, many of them on an organization’s network but not always under the control of I&O teams. These devices need to be identified, inventoried, screened, managed and secured so that they do not cause problems for the rest of the IT ecosystem, the users or the organization itself. This requires tooling and processes in which the DDI (DNS-DHCP-IPAM) certainly has an important role to play, in particular EfficientIP’s DNS Client Query Filtering (CQF) feature....

Application Access Control: It All Starts with DNS

Most IP communication starts with a DNS query to translate the server name contained in a URL or any application solution into an IP address. Whether it uses TCP or UDP (or any other communication protocol), and whether it uses IP version 4 or 6, the session is established only after the DNS resolution. Because DNS sits at the start of any application exchange, it can perform value-added actions like securing the communication, filtering predefined destination sites, optimizing the destination or...

Remote Worker Protection Using DoH

Most organizations now have remote workers and need to provide them with maximum comfort and security to perform their operations. We all know that DNS can be abused to carry out very powerful attacks, drive botnet activity, exchange data with command and control servers or exfiltrate valuable information. Remote workers always use the public infrastructure of their ISP to connect back to the organization’s IT system and to consume SaaS or cloud services and applications. This shared and public...

Why Using DoH is Questionable

DoH (DNS over HTTPS) is an interesting solution for securing the transport of DNS traffic up to the first resolver. But is it required? What are the drawbacks? Do we really need it? Can we trust its usage and the DoH providers currently available? After a few months of intensive usage, some are pushing the message that, in the context of an organization, DoH is an important subject for I&O teams and more generally for the CISO & CIO to...

Predictions 2020: Networks and IT Biggest Impacts

From 5G driving SDN and NFV, to exploding enterprise apps, edge computing, connected hybrid clouds and, of course, cybersecurity, the new decade in 2020 promises to be very eventful for network and security managers across the globe. Here are our predictions for the top five trends that will shape technology and the networks industry in the coming year. 1. Infrastructure will move closer to the edge: Progressing towards multiple clouds is a really smart move. It helps ease digital transformation...

2019: The Year That Saw Cost Per DNS Attack Soar Past $1M

For organizations globally, across all industries, cybersecurity was once more one of the hottest topics of the year. The SonicWall report states that in just the first nine months 7.2 billion malware attacks were launched, with IoT malware worryingly increasing by 33% to 25 million. As the frequency of attacks continued to increase, DNS remained a favorite target, as well as an attack vector (91% of malware uses DNS). The IDC 2019 Global DNS Threat Report revealed 82% of...

Why Protecting DNS Requires More Than Firewalls

(This week’s blog article was originally published in March 2017, but still rings true today). Way back when, in the early days of the Internet, all we needed to protect our systems was a firewall. You’d set up a Nokia box or a Cisco PIX, enable a few rules, and walk away, safe in the knowledge that your servers and services were protected. But the world has changed, and despite the hard work of the firewall vendors, the threat landscape...

Data Driven Network Security with Machine Learning

Today’s threats are sophisticated: malware is deployed long before activation using complex command and control mechanisms, and theft of data and personal information is a strong motivation for attackers. In this context, DNS traffic plays a vital role in enterprise network security since it offers the possibility of seeing the intent of most traffic, whether legitimate or not. Countermeasures based on DNS provide an opportunity to filter a lot of malicious traffic, but DNS security requires...

Zero Trust: Verifying beyond perimeters, DNS security is key

Zero trust architecture is a paradigm that focuses on the client rather than the network. It can be complex to set up, but a simple first step is possible with an appropriate DNS security solution. Perimeter security is not enough: most enterprise networks are based on a security topology separating the internal and the external networks, the internal being where the users are located and the external connecting to the Internet and partners. Most of the time, intermediate zones are built to allow...
