15 July 2014 at 3:49pm
The environment that Janet CSIRT works in is changing. Almost a decade ago, most of the incidents we dealt with would start with a complaint emailed to us by a human; this would result in a team member having five or ten open incidents, maybe even twenty on a busy day. Nowadays the majority of information we receive is sent to us from automated systems run by third parties; this means that much of our current work is relaying this information and chasing acknowledgements to and from customers.
15 July 2014 at 10:52am
In response to feedback earlier in the year we've been able to arrange for an externally certified Lead Implementer course in London on the 11th-13th of August, which we can provide to you at a reduced cost of £870.00 plus VAT. Details, and the booking form are available at:
9 July 2014 at 12:30pm
Janet CSIRT are a member of a global non-profit organisation called the Forum of Incident Response and Security Teams, or FIRST. There are a number of FIRST member events throughout the year including an annual conference.
14 October 2014 at 1:33pm
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
26 June 2014 at 10:10am
Time to move from the mechanics and policy of DNS replication to a new topic. Within the global DNS there are two roles that a server can play: ones that hold data - nameservers, and ones that fetch that data for clients - resolvers. Nameservers need to provide their data to the entire Internet whereas resolvers serve a small set of client systems.
24 June 2014 at 1:53pm
Having designed a redundant DNS infrastructure, one of the most common mistakes is failing to ensure that secondary nameservers can successfully replicate data for the domains it is hosting. The most common way this is done on the Internet is though zone transfers - the AXFR command. This command causes a DNS server to reply with all the data it knows for a domain.
24 June 2014 at 1:52pm
When providing DNS nameserver services a degree of redundancy is needed. In most cases the DNS records for a particular domain will be hosted by at least two nameservers, but is that enough by itself? When building a resilient system the risks involved with the failure modes of the system need to be considered and weighed up against the associated costs and overheads. As a common example - does having both DNS servers on the same local network segment provide you with protection against network failure? Probably not.
Subscribe to infosec