IIJ Technical WEEK 2013 Day3 (in English)
- IIJ_doumae
- 1006
- 0
- 0
- 0
IIJ Technical WEEK 2013 Day3 (in English)
IIJ is a Internet Service Provider of Japan.
"Technical WEEK" is a sessions by the engineers of IIJ.
These are summary of Session 1 and 2. Tweets by Kenji Rikitake.
Program and Hands-outs. (in Japanese)
http://techlog.iij.ad.jp/archives/815
IIJ Website (in English)
http://www.iij.ad.jp/en/
I was here last time in 2011 for ACM Erlang Workshop. Good place and great weather.
2013-11-21 12:16:01Personal data, NSA, home router - three fiascos on the Internet #iij_tw2013
2013-11-21 13:36:16Global paradigm shift after Snowden: “there’s surely somebody is watching me” #iij_tw2013
2013-11-21 13:40:37Authentication information theft - not only id/password but all related stuff and chain of reused auth info exploited #iij_tw2013
2013-11-21 13:42:03Exploit kits enable individual attackers to focus on specialized technologies, and evade tracking from the authorities #iij_tw2013
2013-11-21 13:45:40Targeted attacks against enterprise networks still continuing - not only to nat’l agencies but to ordinary corporations #iij_tw2013
2013-11-21 13:47:49Attackers tend to use pre-build exploit kits and the attack vectors do not change much #iij_tw2013
2013-11-21 13:49:15(Note: Internet Initiative Japan is a leading service provider in Japan. Today is the Tech Week conf day 3 for security. #iij_tw2013)
2013-11-21 13:50:32DDoS: 4 to 10Gbps observed at IIJ, 100 to 300Gbps worldwide / DNS Amplification and open resolver attacks make a trend #iij_tw2013
2013-11-21 13:52:1320-MAR-2013 attack in Korea abusing corporate software update infrastructure was serious - the goal was destroying it #iij_tw2013
2013-11-21 13:54:04IIJ Tech Week 2013 Archive (in Japanese) http://t.co/0I5tTHUymc
2013-11-21 13:55:07The nature of home networks are changing: home appliances will soon become viable targets through WLAN #iij_tw2013
2013-11-21 13:56:08Attack examples: webcam hacked and used for snooping #iij_tw2013
2013-11-21 13:57:28Default config vuln of CPE revealed in Japan - devices remains unprotected - still thousands of vuln CPEs remain #iij_tw2013
2013-11-21 14:01:59The Japanese CPE with vuln remains: ~300K units / actual incidents/damages occur #iij_tw2013
2013-11-21 14:03:27An anonymous research paper: 20M routers are accessible (with exploited 420K routers for forwarding) #iij_tw2013
2013-11-21 14:05:17CPE vuln: UPnP weakness remains in 23M devices (libupnp) #iij_tw2013
2013-11-21 14:06:21DNS misconfigured as open resolvers: massive relay attacks with size amplification (of many RRs) and spoofed IP sources #iij_tw2013
2013-11-21 14:09:25What is legitimate or non-legitimate attack canNOT be distinguished by the Internet service providers. #iij_tw2013 (eg Spamhaus/CloudFlare)
2013-11-21 14:10:34Observed DNS amplification-intended abuse: from Canada in March, from China in September #iij_tw2013
2013-11-21 14:12:11DNS open resolver exploitation looks not systematic (try-and-error) - though targeting attacks do exist #iij_tw2013
2013-11-21 14:13:40CPE's unaware risks: devices connected BOTH your home network and the workplace networks will be a viable attack vector #iij_tw2013
2013-11-21 14:15:07IIJ investigates their own users' vulnerability. (I will not tweet about the details as requested by the speaker) #iij_tw2013
2013-11-21 14:17:02