BreakingPoint ATI Blog

Massive-Scale Simulation & Testing. Anywhere, Anytime.

2012-05-10T00:00:00 -0400

Real-world massive-scale performance and security testing is always evolving, but some things always remain the same. Rack space, in many environments, is at a premium; companies need to perform testing in the field; and government and military organizations need to train cyber warriors all over the world. And yesterday BreakingPoint debuted the world’s first 1U device capable of massive-scale performance and security simulation and testing.

Spring Cleaning: Five Advanced Programming Issues

2012-05-07T00:00:00 -0400

As a programmer, you already know about many programming issues and how to avoid them. But there are some that are more subtle yet every bit as dangerous when hackers are involved. In our roles at BreakingPoint, my colleagues and I get to think about the various problems that our customers have with their networks. We look at problems from multiple sides and help re-create known problems in order to mediate and to prevent bugs from getting into the wild. The ultimate goal is to stop hackers from disrupting networks.

Deep Packet Inspection, Viber, and You

2012-05-03T00:00:00 -0400

DPI, or deep packet inspection, is an acronym you have probably heard more than a few times. It is used by a broad range of devices for an equally broad range of applications. For example:

Firewalls employ DPI to detect malicious traffic early, blocking attacks and malware before they ever enter the network. DPI can do this by detecting malformed, protocol-specific packets known to cause crashes or to carry malicious payloads.
Routers and management hardware use DPI to classify traffic based on its hosts, the protocols used, and potentially fields within protocols. This knowledge allows administrators of large networks to identify and throttle large-bandwidth consumers, among other things.

No Public Exploit Available? No Worries: The Story of CVE-2012-0002

2012-05-01T00:00:00 -0400

Security professionals, like everyone, can often be misled by equivocation, semantic ambiguities aimed at creating meaningful logic from vague claims. We see these phrases all the time: “no public exploit available” or “there are no known published exploits in circulation.” Although worded differently depending on the security feed, these are simply oracular phrases that often lead to the false logic that if no public exploit exists, then nobody is exploiting it in the wild. Yet time and again those very exploits become subjects of late nights or weekends spent at work.

Ready for DNSSEC?

2012-03-28T00:00:00 -0400

Domain Name System Security Extensions (DNSSEC) is a system designed to guarantee the authenticity of data obtained from the domain name system (DNS). It is described by many Requests for Comments (RFCs), including but not limited to RFC 4033 (DNS Security Introduction and Requirements), RFC 4034 (Resource Records for the DNS Security Extensions) and RFC 4035 (Protocol Modifications for the DNS Security Extensions). DNSSEC uses resource records, flags within the DNS header and protocol extensions to make this authentication possible.