8/6/2012
05:56 PM
Dark Reading
Products and Releases

DNS System Enables ISPs To Meet New FCC Anti-Botnet Code Of Conduct

Xerocole, Damballa partner to identify and take corrective action against subscriber machines that are infected with botnet malware

KEYSTONE, Colo., CableLabs Summer Conference, Aug. 6, 2012 - Xerocole, the intelligent broadband DNS company, and Damballa Inc., the company transforming the fight against cyber threats, today announced a partnership to help cable, telecom and internet service providers identify and take corrective action against subscriber machines that are infected with botnet malware. The integration of Damballa CSP (Communications Service Providers) with the Xerocole DNS WorX platform will provide additional monitoring capabilities to detect malicious activity and network abuse originating from endpoint devices.

The companies will demonstrate this joint solution and how it helps carriers comply with the FCC's new Anti-Botnet Code of Conduct (ABCs) at the CableLabs Summer Conference. Xerocole has also published a whitepaper on meeting the FCC ABC. A copy is available here.

"Botnet-controlled endpoints generate high levels of malicious traffic and consume valuable network resources and bandwidth," said Barry Greene, member of the US FCC Communications Security, Reliability and Interoperability Council (CSRIC). "Xerocole DNS WorX with Damballa CSP allows service providers to automatically detect malware-infected subscriber machines, and provides an unattended mechanism to notify their customers and provide them with remediation steps so they can clean up their device."

Xerocole DNS WorX with Damballa CSP

Under terms of the partnership, Xerocole will resell Damballa CSP as an optional component of its Xerocole DNS WorX all-in-one DNS management system. The Xerocole platform enables broadband network operators to support IPv6 and DNSSEC, monetize non-existent domain errors, and deliver personalized services to subscribers. The integration of Damballa CSP provides DNS WorX with advanced botnet monitoring and detection capabilities.

Damballa CSP protects some of the largest cable and wireless ISP networks in the world. By monitoring DNS activity to detect infected subscribers, Damballa CSP is a lightweight, highly scalable and powerful solution for identifying network abuse and infected subscribers.

DNS WorX's unique subscriber access mapping and programmability allow carriers to present subscribers with policy-based, individualized, in-session notifications via the Xerocole InformX walled garden module. If a subscriber machine is generating malicious traffic, DNS WorX can automatically alert the customer by presenting a user-friendly web page that explains the problem and provides resources for disinfecting the device.

"Infected subscriber machines and botnet traffic not only hog network resources but they also increase network management costs," said Rob Fleischman, CTO of Xerocole. "By adding Damballa CSP to the DNS WorX suite, we are providing network operators with an additional world-class source for pinpointing malicious activity, which can be remediated using our unattended InformX customer notification capabilities."

"Xerocole DNS WorX is emerging as a leading next-generation DNS management platform for cable, telecom and internet service providers," said David Petty, vice president of worldwide channels at Damballa. "The combination of Damballa and Xerocole provides carriers with unmatched botnet detection and remediation capabilities."

Availability

Xerocole DNS WorX with Damballa CSP is available immediately from Xerocole.

About Xerocole

Xerocole enables network operators to deliver intelligent broadband DNS services. The company's products address one of the biggest challenges facing service providers today: migration to IPv6 and DNSSEC. Xerocole unifies DNS management so carriers can seamlessly support IPv6, provide policy-driven non-existent (NX) domain responses for search monetization and deliver subscriber-aware services. The company saves service providers money while allowing them to deliver faster, personalized and more reliable internet access services. Xerocole technology is currently being used to support more than 30 million subscribers. Xerocole's management team has been developing carrier-scale infrastructure solutions for 15 years at Sandvine, Simplicita, Openwave Systems, and Software.com. For more information visit www.xerocole.com.

About Damballa

Damballa is a pioneer in the fight against cybercrime. Damballa provides the only network security solution that detects the remote control communication that criminals use to breach networks to steal corporate data and intellectual property, and conduct espionage or other fraudulent transactions. Patent-pending solutions from Damballa protect networks with any type of server or endpoint device including PCs, Macs, Unix, smartphones, mobile and embedded systems. Damballa customers include mid-size and large enterprises that represent every major market, telecommunications and Internet service providers, universities, and government agencies. Privately held, Damballa is headquartered in Atlanta. http://www.damballa.com.
