Guide to Multicast DNS (mDNS) security issues

What is multicast DNS (mDNS) ? The mDNS protocol is meant to resolve host names to IP addresses within small networks that do not include a local name server. The mDNS service can be contacted using UDP queries over port 5353.The mDNS protocol is published as RFC6762 and implemented by the Apple Bonjour and avahi-daemon […]

Read more →

Guide to Portmapper Amplification Issues

What is Portmapper? The port mapper (rpc.portmap or just portmap, or rpcbind) is an Open Network Computing Remote Procedure Call (ONC RPC) service that runs on network nodes providing other ONC RPC services. A host may connect to a server that supports the Portmapper Protocol on either Transmission Control Protocol (TCP) or User Datagram Protocol […]

Read more →

Guide to Microsoft Active Directory rootDSE/C-LDAP security issues

What is C-LDAP in Microsoft Active Directory services? Active Directory (AD) is a directory service developed by Microsoft. Active Directory services include AD Certificate Services, AD Domain Services, AD Federation Services, AD Lightweight Directory Services, and AD Rights Management Services. A server running Active Directory Domain Services (AD DS) is called a domain controller. Among […]

Read more →

Securing Windows SMB and NetBios/NetBT Services

What is the Windows SMB service? The Server Message Block (SMB) Protocol is a network file sharing protocol running on port 445. It is implemented in Microsoft Windows Server as the Microsoft SMB service. Microsoft SMB Protocol is installed by default in Microsoft Windows Server. SMBv2 protocol was introduced in Windows Vista and Windows Server […]

Read more →

Securing your Memcached Server

Vulnerability Description By default memcached is available to the world on UDP and TCP port 11211. Among other utilities it may be possible to use something as simple as telnet to connect to memcached and issue a ‘stat’ command to obtain information about the service itself or other commands to retrieve the data that is […]

Read more →

Managing Security Groups in AgileCLOUD Using Horizon

Introduction Security groups in OpenStack act like traditional access control lists, working at the networking (virtual switch) level, rather than the instance level, allowing or disallowing traffic to flow between any two point based on a set of criteria, executed in the form of IP filter rules. Security groups are created per project and contain […]

Read more →

Illegal, Obscene and Harmful Content

Internap’s Acceptable Use Policy (“AUP”) prohibits Customers (and any third party who uses the services through or on behalf of a Customer) from publishing, transmitting, distributing or storing content, material, information or data that is illegal, obscene and harmful, among other things. Prohibited content includes: · Illegal activities. Any activity that violates a law, rule […]

Read more →

Copyright and Trademark Guide

Issue Description Copyright infringement is the unauthorized use or distribution of works that infringe upon the copyright holder’s exclusive rights. Using Internap resources to use or distribute copyrighted works is prohibited by our Acceptable Use Policy. Recommended Resolution All access to the allegedly infringing material should be removed and the material may not be made available again unless a […]

Read more →