It is a well-known fact in the industry that a very significant percentage of DDoS attacks are spoofed. Spoofed TCP SYN, spoofed UDP and spoofed ICMP are the most common protocols used to create havoc for most data centers. Despite this well-known fact, some products in the DDoS space create beautiful graphs with source countries. Unless they are actually collecting data in an appliance that's deployed closest to the source of the attack, this data may be neither correct nor trustworthy. Figure 1 Top...
by Hemant Jain | Jul 03, 2015 | Filed in: Security Research
It's no secret that most DNS reflection attacks flooding the Internet today are caused by spoofing the source address. SYN floods, for example, are spoofed TCP floods, in which the source of the IP packets appears to be different than their actual origin. And according to industry statistics, SYN floods are the second most popular DDoS infrastructure attack vector, comprising around 15 percent of all attacks. Similarly, UDP and ICMP floods are attacks that are also easily spoofed. UDP floods, in fact, represent the highest percentage of protocols...
by Hemant Jain | Jun 12, 2014 | Filed in: Industry Trends
A: Email is totally insecure. Despite this fact, it is relied upon for some of our most critical personal and business communications. Circa 1980, the Simple Mail Transfer Protocol (SMTP) was designed without even a glimmer of what the internet would become. Security was not as paramount a concern as it is now; it never made it into the protocol. Changing this has been an uphill struggle due to the sheer number of mail servers and users who rely on them. Even today, by default, email is sent in plain text (if both servers do not already use...
by Carl Windsor | Nov 14, 2013 | Filed in: Security Q & A