Members
Stats
  • Total Posts: 28530
  • Total Topics: 8241
  • Online Today: 870
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: McAfee Cyber Defense Center Zooms In on Middle East  (Read 504 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 723
  • KARMA: 116
  • Gender: Male
  • Pez
McAfee Cyber Defense Center Zooms In on Middle East
« on: 10. March 2014., 12:38:12 »
McAfee Cyber Defense Center Zooms In on Middle East

From McAfee’s first Cyber Defense Center (CDC) in Dubai, we closely monitor threats and activities in Europe and the Middle East. Since the Center’s official launch in September 2013, we have seen  quite a few interesting trends, especially in the Persian Gulf region.



Many of the activities spotted are related to hacktivism, cybercrime, or regional conflicts. The following table gives an overview of the top-five countries that are under attack, the top-five verticals, and the top-five types of attack that are used in the various incidents and campaigns targeting these countries and industries.



In this region it is safer to launch a protest from behind a desk than to actually go out on the streets and participate in a demonstration.

Tools and quick-setup sites for participating in a distributed denial of service (DDoS) campaign are divided among the participants. It can be as easy as clicking on a short link, which opens a web page containing an application with a front end prefilled with the victim’s details. By clicking on the launch button, the commands are sent to a list of “booter” servers that commence the DDoS attack. An attacker can easily execute an exploit from a computer as well as a smartphone.

One type of DDoS attack scenarios we are monitoring from the CDC are “DNS-amplifying-DDoS” attacks. This scenario allows the actors to boost DNS responses by a factor of 40 or more per DNS request. Either the attackers scan for vulnerable DNS servers or set up their own network of DNS servers. Tutorials, tools, and code are freely available on the Internet to launch these kinds of attacks. Since September 2013, we have seen that most of these attacks were launched against Turkey, with Saudi Arabia and the United Arab Emirates in second and third place, respectively.



Prevention

  • Make sure that DNS recursion is permitted only for the networks that need to use DNS; block recursion for all other networks.

  • In case of BIND, use the new feature DNS Rate Response Limiting (RRL). https://kb.isc.org/article/AA-01000/0/A-Quick-Introduction-to-Response-Rate-Limiting.html

  • A Secure DNS template for BIND is available from Team Cymru. http://www.cymru.com/Documents/secure-bind-template.html

  • Harden NTP servers using SNMP on routers. The NTP and SNMP protocols are commonly used to amplify attacks.


Original article: By Christiaan Beek on Mar 05, 2014
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info

McAfee Cyber Defense Center Zooms In on Middle East
« on: 10. March 2014., 12:38:12 »




 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising