News - via Help Net Security's Zeljka Zorz, of serious flaws in Wireshark's bits leading to potential crashes apparently caused by stored malicous packet trace files. HelpNet notes that Wireshark has fixed versions: 2.6.3, 2.4.9, or 2.2.17 - all of which can be downloaded on the Wireshark Download page: https://www.wireshark.org/download.html
"The vulnerabilities – CVE-2018-16056, CVE-2018-16057 and CVE-2018-16058 – affect three components of Wireshark: the Bluetooth Attribute Protocol (ATT) dissector, the Radiotap dissector, and the Audio/Video Distribution Transport Protocol (AVDTP) dissector, respectively." - via Help Net Security's Zeljka Zorz
The beginning of May 2018 saw problematic internetworking operational issues revolving around the notion of robust router security (in reality, the lack thereof...). Today's Must Read comes from ISOC personnel Megan Kruse and Aftab Siddiqui, and lightly details the initiative entitled Mutually Aagreed Norms for Routing Security (MANRS). No resolution of this issue has been unequivocally accepted, but hope does spring eternal, as such, you can learn much more about MANRS here. Enjoy the Norms, and have a go with the MANRS for Network Operators document.
If you read anything in the next couple of days regarding the IETF, and cryptography, take a moment and read Geoff Huston's superb retort to a controversial statement piece by Tony Rutkowski, both on CircleID. Tremendous responses are many on our beloved interweb, and this may be one of them... Enjoy today's MustRead!
Meanwhile in DDoS news... Reportage of IPv6 DDoSing via El Reg, (and well-written by Kieren McCarthy) detailing an IPv6-transported DDoS attack - a 1.35Tbps attack on GitHub - that should be baking a lot of noodles out there in the network protection racket...
"Network guru Wesley George noticed the strange traffic earlier this week as part of a larger attack on a DNS server in an effort to overwhelm it. He was taking packet captures of the malicious traffic as part of his job at Neustar's SiteProtect DDoS protection service when he realized there were "packets coming from IPv6 addresses to an IPv6 host." The attack wasn't huge – unlike this week's record-breaking 1.35Tbps attack on GitHub – and it wasn't using a method that is exclusive to IPv6, but it was sufficiently unusual and worrying to flag to the rest of his team." - via Kieren McCarthy writing at El Reg
Notwithstanding the FCC's vote in the affirmative (to strike the Net Neutrality rules), the Commission is still reportedly working on the final document, and has not released the official decision (at the time of this writing)(which may surprise some readers). Consequently, we are publishing this superlative opinion piece by Professor Harsha Madhyastha of the University of Michigan's Enjoy!
Professor Harsha Madhyastha (Associate Professor at the University of Michigan's Computer Science and Engineering Division) , writes eloquently at the IEEE's Spectrum Magazine, and enthralls us with a nicely logical case against Net Neutrality. Today's Must Read.
2017/01/06 - Update: The FCC has released the Commission's here: Order.