Cloud News

    re:Invent 2020 Liveblog: Andy Jassy Keynote

    I’m always ready to try something new! This year, I am going to liveblog Andy Jassy‘s AWS re:Invent keynote address, which takes place from 8 a.m. to 11 a.m. on Tuesday, December 1 (PST). I’ll be updating this post every couple of minutes as I watch Andy’s address from the comfort of my home office. […] [Read More]

    New –  Attribute-Based Access Control with AWS Single Sign-On

    Starting today, you can pass user attributes in the AWS session when your workforce sign-in into the cloud using AWS Single Sign-On. This gives you the centralized account access management of AWS Single Sign-On and ABAC, with the flexibility to use AWS SSO, Active Directory, or an external identity provider as your identity source. To […] [Read More]

    Introducing Amazon Managed Workflows for Apache Airflow (MWAA)

    As the volume and complexity of your data processing pipelines increase, you can simplify the overall process by decomposing it into a series of smaller tasks and coordinate the execution of these tasks as part of a workflow. To do so, many developers and data engineers use Apache Airflow, a platform created by the community […] [Read More]

    New – Code Signing, a Trust and Integrity Control for AWS Lambda

    Code signing is an industry standard technique used to confirm that the code is unaltered and from a trusted publisher. Code running inside AWS Lambda functions is executed on highly hardened systems and runs in a secure manner. However, function code is susceptible to alteration as it moves through deployment pipelines that run outside AWS. […] [Read More]

    New – Multi-Factor Authentication with WebAuthn for AWS SSO

    Starting today, you can add WebAuthn as a new multi-factor authentication (MFA) to AWS Single Sign-On, in addition to currently supported one-time password (OTP) and Radius authenticators. By adding support for WebAuthn, a W3C specification developed in coordination with FIDO Alliance, you can now authenticate with a wide variety of interoperable authenticators provisioned by your […] [Read More]

The IP blacklists will become obsolete in the years to come

There are a variety of IP blacklists used at the moment:

  • in firewalls
  • to stop SPAM: DNSBL (Domain Name System Blacklists) such as SpamHaus, Barracuda, etc
  • reputation systems (like “Webroot® BrightCloud® Threat Intelligence”)

They are currently all using IPv4. However as IPv6 is slowly taking over: billions & billions of IP addresses are now available. The concept of blacklisting an IP address will become obsolete: it makes absolutely no sense to slow down network speeds with a filter that has to go through billions of row. The trend is pointing towards faster networks, not slower ones.

What does it mean?

It means that users will have to stop using those services. And the companies selling those services will have to quickly switch to something else. And it is a good riddance!

What about geographic localisation by IP address?

This will go probably fade away. And Netflix is in trouble: as they use geo-ip localisation for restrictions.

How do you keep away the bad guys away then?

As far as SPAM is concerned: DKIM (Domain Keys Identified Mail) will become a mandatory standard. DKIM signatures can already be checked during the SMTP connections, thus SPAM will get rejected even before it gets delivered.

For firewalls: DDoS (Distributed Denial of Service) attacks will be harder to stop, and port flooding control will become the norm.

Would it be a for a better future?

Absolutely! It will be more secure for everyone. Users will have to register and authenticate themselves to get a secure and fast service.

Comments

So empty here ... leave a comment!

Leave a Reply

Your email address will not be published. Required fields are marked *

Sidebar