Analytics
8/6/2012
05:56 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

DNS System Enables ISPs To Meet New FCC Anti-Botnet Code Of Conduct

Xerocole, Damballa partner to identify and take corrective action against subscriber machines that are infected with botnet malware

KEYSTONE, Colo., CableLabs Summer Conference, Aug. 6, 2012 - Xerocole, the intelligent broadband DNS company, and Damballa Inc., the company transforming the fight against cyber threats, today announced a partnership to help cable, telecom and internet service providers identify and take corrective action against subscriber machines that are infected with botnet malware. The integration of Damballa CSP (Communications Service Providers) with the Xerocole DNS WorX platform will provide additional monitoring capabilities to detect malicious activity and network abuse originating from endpoint devices.

The companies will demonstrate this joint solution and how it helps carriers comply with the FCC's new Anti-Botnet Code of Conduct (ABCs) at the CableLabs Summer Conference. Xerocole has also published a whitepaper on meeting the FCC ABC. A copy is available here.

"Botnet-controlled endpoints generate high levels of malicious traffic and consume valuable network resources and bandwidth," said Barry Greene, member of the US FCC Communications Security, Reliability and Interoperability Council (CSRIC). "Xerocole DNS WorX with Damballa CSP allows service providers to automatically detect malware infected subscriber machines, and provides an unattended mechanism to notify their customers and provide them with remediation steps so they can clean up their device."

Xerocole DNSWorX with Damballa CSP

Under terms of the partnership, Xerocole will resell Damballa CSP as an optional component of its Xerocole DNS WorX all-in-one DNS management system. The Xerocole platform enables broadband network operators to support IPv6 and DNSSEC, monetize non-existent domain errors, and deliver personalized services to subscribers. The integration of Damballa CSP provides DNS WorX with advanced botnet monitoring and detection capabilities.

Damballa CSP protects some of the largest cable and wireless ISP networks in the world. By monitoring DNS activity to detect infected subscribers, Damballa CSP is a 'light weight,' highly scalable and powerful solution for identifying network abuse and infected subscribers.

DNS WorX's unique subscriber access mapping and programmability allows carriers to present subscribers with policy-based, individualized, in-session notifications via the Xerocole InformX walled garden module. If a subscriber machine is generating malicious traffic, DNS WorX can automatically alert the customer by presenting a user-friendly web page that explains the problem and provides resources for disinfecting the device.

"Infected subscriber machines and botnet traffic not only hog network resources but they also increase network management costs," said Rob Fleischman, CTO of Xerocole. "By adding Damballa CSP to the DNSWorX suite we are providing network operators with an additional world-class source for pinpointing malicious activity, which can be remediated using our unattended InformX customer notification capabilities."

"Xerocole DNS WorX is emerging as a leading next generation DNS management platform for cable, telecom and internet service providers," said David Petty, vice president of worldwide channels at Damballa. "The combination of Damballa and Xerocole provides carriers with unmatched botnet detection and remediation capabilities."

Availability

Xerocole DNS WorX with Damballa CSP is available immediately from Xerocole.

About Xerocole

Xerocole enables network operators to deliver intelligent broadband DNS services. The company's products address one of the biggest challenges facing service providers today: migration to IPV6 and DNSSEC. Xerocole unifies DNS management so carriers can seamlessly support IPV6, provide policy-driven non-existent (NX) domain responses for search monetization and deliver subscriber-aware services. The company saves service providers money while allowing them to deliver faster, personalized and more reliable internet access services. Xerocole technology is currently being used to support more than 30 million subscribers. Xerocole's management team has been developing carrier scale infrastructure solutions for 15 years at Sandvine, Simplicita, Openwave Systems, and Software.com. For more information visit www.xerocole.com.

About Damballa

Damballa is a pioneer in the fight against cybercrime. Damballa provides the only network security solution that detects the remote control communication that criminals use to breach networks to steal corporate data and intellectual property, and conduct espionage or other fraudulent transactions. Patent-pending solutions from Damballa protect networks with any type of server or endpoint device including PCs, Macs, Unix, smartphones, mobile and embedded systems. Damballa customers include mid-size and large enterprises that represent every major market, telecommunications and Internet service providers, universities, and government agencies. Privately held, Damballa is headquartered in Atlanta. http://www.damballa.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web