Clik here to view.
Should a DNS Firewall be part of your defence-in-depth strategy?
There has been a slew of DNS Firewall related market activity recently that makes me wonder if DNS Firewall related products/solutions are finally gaining market acceptance. OpenDNS is probably one of...
View ArticleClik here to view.
CVE-2015-5477: Sorry, you will need to patch if you’re running BIND!
We don’t normally get too involved with discussing or publishing details about bugs and patches for BIND, however due to the severity of CVE-2015-5477, it has prompted a couple of customers to email me...
View ArticleClik here to view.
Configuring Google SafeSearch with Infoblox DNS Firewall
We recently did some work for a county council who wanted to enable Google SafeSearch for all the schools under their jurisdiction. Initially they were trying to use internal versions of google.com and...
View ArticleClik here to view.
Using Infoblox DHCP failover
Infoblox DHCP is based upon ISC DHCP with a few tweaks here and there. The DHCP failover mechanism that it employs started as a relatively simple 14 page IETF draft proposal (available here) that was...
View ArticleClik here to view.
Understanding Infoblox/ISC DHCP and “abandoned” leases
I have had several discussions lately relating to the recycling of abandoned leases in Infoblox DHCP (which is based upon ISC dhcpd). There seems to be a common misunderstanding about how the process...
View ArticleAn update on recent DNS & DHCP vulnerabilities
There have been several DNS and DHCP vulnerabilities published recently. All the main DDI vendors have now released patches as far as we can tell. Two BIND vulnerabilities in particular are serious...
View ArticleClik here to view.
Calleva Networks announces the launch of D/R Application Switcher (DRAS)
Demonstrating an organizations ability to invoke a disaster recovery plan is a regulatory requirement for certain institutions and needs to be performed on a regular basis. Most organizations use the...
View ArticleCVE-2015-7547: glibc getaddrinfo stack-based buffer overflow
It’s been a torrid few months for BIND with various vulnerabilities and fixes published. This demonstrates the need to implement a robust patching schedule and it may make sense to reserve slots in...
View ArticleClik here to view.
CVE-2016-1285, CVE-2016-1286 and CVE-2016-2088 vulnerabilities
Just a note that more vulnerabilities have been discovered that will require another round of patching. Infoblox have released a new version of NIOS to address these and other vendors are publishing...
View ArticleClik here to view.
Calleva Networks announces closure after sale of assets to PCN Inc.
Calleva Networks Ltd. was formally dissolved on 22nd May 2018 and has now ceased trading. All assets were purchased by PCN Inc. in 2016, including the company name, logo, web site and its contents....
View Article