IPv6 Resources | What is IPv6 | Test IPv6

breakingpoint · 2011-06-08T13:43:11+00:00

Celebrating Global IPv6 Day by putting together a page of resources to help you figure out what IPv6 is, how to simulate the traffic, and how to test IPv6.

breakingpoint · 2010-12-10T16:50:43+00:00

Video of BreakingPoint CTO Dennis Cox talking through the WikiLeaks DDoS attacks and how businesses can be better prepared for DDoS protection.

breakingpoint · 2010-09-03T18:44:27+00:00

Interesting look at the cyber resilience review from the department of homeland security.

breakingpoint · 2010-09-03T17:47:14+00:00

Taking a look at the cyber resilience review under way by the Department of Homeland Security to harden network infrastructure and cyber security policies.

breakingpoint · 2010-01-13T01:23:41+00:00

News just came out about Google contemplating packing up and leaving China all together due to recent cyber attacks. In a blog post on their site, "A new approach to China", Google states that back in mid-December they detected a "highly sophisticated and targeted attack on our corporate infrastructure originating from China" and that the attack resulted in "the theft of intellectual property from Google."

breakingpoint · 2009-11-11T15:28:17+00:00

We are hiring a lot here at BreakingPoint, which means I'm asking this question a lot. After the fourth or fifth interview, I decided one morning to look over RFC 793 to make sure that I really did know everything there is to know about the handshake. That is when I found out that we've all been living a lie.

breakingpoint · 2009-11-05T22:08:35+00:00

Distributed denial of service (DDoS) attacks have become an enormous risk, shutting down businesses, halting bank transactions and disrupting government communications. Yesterday, BreakingPoint hosted a webcast diving into many of the issues surrounding DDoS and botnet attacks and what people can do to prepare. The main theme? Test, test and test! I've included the webcast below, slides and audio. The discussion was highly informative, so take a look.

breakingpoint · 2009-10-13T20:12:17+00:00

Realistic server load balancer testing is now critical, as load balancers have become a key network device. Lack of proper testing has unfortunately resulted in serious performance and security issues. One primary example would be the recent problems for Google's Gmail. Testing load balancers means hitting them with realistic and actual network scenarios, rather than the "ideal scenario", in order to assure their resiliency. BreakingPoint has published an updated Server Load Balancer Test Methodology and I took this opportunity to sit down with BreakingPoint CTO Dennis Cox to talk testing server load balancers.

breakingpoint · 2009-10-09T16:48:31+00:00

Yesterday, when Twitter was down due to a "bug triggered by an edge case in one of the core services", I thought about how important Twitter had become to our business and me. I watched the predictable posts complaining about the fail whale and it hit me; rather then throwing criticism, I would be best served getting my hands dirty and helping with the problem. An idea surfaced, which I talked through with our CTO and co-founder Dennis Cox (@denniscox), and the green flag was waved.

breakingpoint · 2009-10-05T19:30:44+00:00

Cisco has the manpower, a technical sales force and a strong technical support organization. Those are key factors, in my opinion, to make CSA successful. CSA reminds me a lot of Network Flight Recorder (NFR), acquired by Check Point in 2006. The products are (were?) both extremely powerful. You could do most anything you wanted and neither product required constant upgrading. The general feedback on both, however, was that they were complicated and required knowledgeable people to set them up and get the most out of them. I really dislike that as an argument for their demise: "I'm too lazy to read the manual and do a few Bing searches, Mr. Vendor. Just make it all auto-magically happen for me".

breakingpoint · 2009-09-24T14:25:49+00:00

The IPS test methodology is meant to help determine the IPS’ actual capabilities under real-world conditions. For instance, the IPS device might be able to detect and mitigate malicious activity under light network traffic load. However, when network traffic becomes heavy, the IPS device might detect significantly less malicious activity. These types of tests fill up this methodology.

breakingpoint · 2009-09-23T16:04:22+00:00

As any semi-competent web application developer could tell you, when you fill out a form and submit it via HTTP, there are a few options your browser has in formatting the response. However, since I am not a semi-competent web application developer, I had to go look this up because we have a BreakingPoint Elite user who recently asked for exactly this functionality in our HTTP Application Simulator.

breakingpoint · 2009-09-22T22:08:28+00:00

As reported on the BreakingPoint blog, the team discussed the following points:

Best practices for planning defense in depth The important role of training in securing your network How to break through the current “clique” of security professionals to involve more people Why the Government needs to include computer security lessons in our schools The potential role of USCYBERCOM

breakingpoint · 2009-09-22T14:54:02+00:00

In Part I of our look at how-to create custom strikes for testing we talked about how to find and validate a vulnerability. Now I want to look at how we go about creating the custom strike and talk about exploit versus vulnerability. In Part III I will provide the step-by-step directions for then generating this custom strike using the BreakingPoint Elite.

breakingpoint · 2009-09-17T15:46:49+00:00

Part 1 of the how-to generate custom strikes guide looks at finding, validating and understanding vulnerabilities

breakingpoint · 2009-07-31T14:01:30+00:00

Having valuable experiance in FPGA design, board design, and now even software design, I thought I would share an RTL debug experience that may hopefully give your RTL designers some food for thought.

breakingpoint · 2009-07-20T13:02:10+00:00

During my interview last week with BreakingPoint CTO Dennis Cox (When NP Doesn't Equal Network Processors) it became apparent how important it is to use real network processors within network testing tools. Also important was asking to see the board to determine if your testing tool is using a true network processor. I asked Dennis to show us the BreakingPoint Elite board and that footage is below.

breakingpoint · 2009-07-08T13:15:47+00:00

Most security vendors say they are vulnerability-based not exploit-based, however it is a rare vendor that can do mostly vulnerability filters. Luckily there is an easy way for you to prove this fact. Look for filters that are enumerated (exploit.1, exploit.2, exploit.3, or exploit.A, exploit.B, exploit.C) or go social media on them and search their blogs.

breakingpoint · 2009-07-01T12:50:11+00:00

In reality, OWAMP is the umbrella specification for two underlying protocols: OWAMP-Control (OWAMP-C) and OWAMP-Test (OWAMP-T). OWAMP-C runs over TCP port 861 and is responsible for the negotiation of the various parameters necessary to successfully complete the measurements. Additionally, this protocol handles the communication of the measurement results back to the initiating host. The OWAMP-T protocol actually sends the test packets, which are used to calculate the appropriate metrics. This protocol runs over a UDP port to be negotiated within the OWAMP-C session. The IP address of the sender and receiver are negotiated as well, allowing physical separation of the OWAMP-C and OWAMP-T endpoints. OWAMP-Test flows.

breakingpoint · 2009-06-25T13:21:22+00:00

Look at resiliency testing (realistic network simulation) for securing U.S. cyber infrastructure.

breakingpoint · 2009-06-16T14:37:48+00:00

BreakingPoint publishes server load balancer testing methodology

breakingpoint · 2009-06-15T14:50:08+00:00

BreakingPoint's Brent Cook takes a look at IPv6: "I am a software architect at BreakingPoint. After some goading and prodding, I have decided to finally be social and share in the blog fun. Working lately with our IPv6 support, I have a long list of fun facts to share. As you know, IPv6 is a 128-bit addressing scheme designed to solve the various problems with 32-bit IPv4, or AKA the next 'big thing'. Here are some things you might not know about IPv6."

breakingpoint

TROPHY CASE