Monthly Archives: August 2016

Net_DNS2 v1.4.2 – SMIMEA and AVC Resource Records and SHA-256 SSHFP

I’ve released version 1.4.2 of the PEAR Net_DNS2 library- you can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer:

composer require pear/net_dns2

Version 1.4.2

  • changed the role for the README.md file to doc.
  • parse the resolv.conf options line; right now I just support the timeout and rotate options.
  • the options values only work if you set the new option use_resolv_options to true; this is to keep backwards compatibility.
  • added support for RFC 6594; support for SHA-256 and ECDSA in the SSHFP resource record.
  • added the SMIMEA resource record; this just extends the TLSA record.
  • added the AVC resource records; this just extends the TXT record.
  • added error and EDNS0 defines for DNS Cookies (RFC7873).
  • added EDNS0 defines to the lookup class.
  • dropped the Net_DNS2_Packet::formatIPv6() function; this was deprecated in v1.1.3.
  • re-wrote the Net_DNS2::expandIPv6() function. Based on testing, the new version is about twice as fast.

Blacklist Monitoring for Cloud Hosting

Originally Posted on Blacklist Monitoring with RBLTracker.

Since our inception, we’ve helped thousands of companies and individuals, from all around the world, stay on top of day-to-day threats related to their email and websites. Recently, with the addition of our Facebook Threat Exchange monitoring, we’re helping those same customers battle social media related threats.

Some of our earliest customers have been cloud hosting and cloud computing companies- companies that provide the backbone of the Internet as we know it today.

Cloud Hosting Providers

One specific challenge with this type of company, is the sheer number of IP addresses and domains to monitor, and the regular re-use of these IP addresses. The last thing you want, is a brand new customer getting an IP address that is already blacklisted because of something the last owner did.

Another key challenge, is making sure that resources are used “only as needed”. Let’s face it- you don’t want to pay to monitor hosts that aren’t being used- and you shouldn’t have to.

We offer a few key features that makes blacklist monitoring for cloud hosting providers, easier and more affordable.

IP Range Host Type

Normally customers add IP addresses and domains (aka “Hosts”) to the RBLTracker portal individually. If you have 10 to 15 Hosts, this isn’t really a big deal. You can add hosts using our bulk loader, or individually. You can also add Hosts as a range or CIDR block (x.x.x.x/y).

But what if you have thousands of Hosts to monitor? At some point it’s going to become unwieldy to provision, and impossible to manage.

To support this, we built a custom “IP Range” Host type. This lets you add IP addresses as a range or CIDR block, but rather than thousands of IP addresses showing under your account, a single Host entry is shown. Our system will still monitor every single IP address individually– but the full block of IP addresses can be managed as a single entry.

ip_range_add

So whether you have a few /24’s or a whole /18- you can easily manage the full IP block with ease.

ip_range_view

API Provisioning

Loading all your IP addresses into the system is great, but what if you only want to monitor a sub-set of those hosts? Or if you only want to enable monitoring for hosts that are currently in-use?

Several of our customers have opted to integrate with our web-based API, to provision monitoring on IP addresses as they’re allocated to their customers. That way only active IP addresses are being monitored. This ensures that you’re only paying for monitoring that matters- that will actually impact your business or your customers.

The RBLTracker API is easily integrated into any provisioning or monitoring platform, with just a few simple lines of code:

# wget --post-data="type=rbl&name=Test&host=10.10.10.10" -qO- https://rbltrack.com/api/host/add.json?api_token=x

{
    "status_code": 200,
    "status_message": "Hosts added successfully.",
    "data": [
        {
            "id": "37c46a725dd8adab28d35b9f200c198d",
            "host": "10.10.10.10",
            "name": "Test"
        }
    ],
    "version": "2.0"
}

Easily enable monitoring on a Host when it’s allocated to a customer, and then disable it when it’s de-allocated- it’s a simple as that.

Contact Groups

When we identify an issue with any of your Hosts, we’ll immediately notify you via several different notification methods. These contacts can be broken down into custom contact groups, and assigned to Host. The end result, is that you can have a unique contact for every host under your account:

contact_group_add_host

Cloud Hosting companies can optionally send alerts directly to their customers, notifying them about issues with their IP addresses and domains, and alleviating some of the burden from their network operations staff.

We regularly add new features and tools to make managing and provisioning monitoring services, easier and more effective for our customers.