Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
User Rank: Ninja
2/6/2015 | 2:50:59 PM
The operating system only determines encryption levels (Protocols) if you let it, such as in a Windows Server where encryption can be controlled with a simple registry edit. I'd have to believe that these companies are not allowing this to happen and instead are using add on applications like OpenSSL or some other enterprise level data encryption software. Furthermore, if the data is encrypted you cannot access it without the proper keys for access, unless you have a few super-duper computers and more than a few years to hopefully stumble onto the correct key parings.
Although there may be places in the infrastructure where data may not be fully encrypted such as at the point where the application feeds a DB, but even that is very rare. Even rarer (I hope) would be an unencrypted DB holding sensitive data, hell, or ANY DATA. Any company that does not encrypt data in transit is stupid and deserves to be hacked.
Sensitive data that travels over a network are required to be securely encrypted from the point of data entry to the point where the data is processed if those companies are to be HIPPA, PCI or GLBA compliant.
Your comment leaves me to believe that you are either:
a) Trolling
b) Uninformed
c) Not responsible for security on any level
or...
d) Negligent
So you said, "Data Encryption is only helpful if a physical harddrive or machine is stolen, period."... what's the difference between a disc-image or the actual HDD? And a hacker isn't going after a HDD or an image because attempting to obtain either will or should set off alerts, he wants the DB and even that is going to be striped across a RAID. From what I remember about RAID, what you suggest is only "possible" if you remove a drive from a RAID – 0 or RAID – 1, and I don't believe Anthem is "Mom & Pop" enough for that configuration.