French internet security report urges use of best practice

Wednesday 6 July 2016 | 21:47 CET | News

An official report on internet security in France has urged all players in the sector to follow best practice recommendations for the BGP, DNS and TLS security protocols.

The Resiliance of the French Internet report also encouraged all those in the sector to prepare themselves against the distributed denial-of-service (DDoS) attacks that have been behind some of the higher-profile failures of internet services.

The report, published by French IT security agency ANSSI and Afnic, which registers national .fr domain names, studied the capacity of services to function during an incident and then subsequently return to normal.

The 2015 report, the fifth of its kind, made the following principle recommendations: monitor prefix advertisements, and be prepared to react in case of hijacking; use protocols that support forward secrecy and discontinue the increasingly vulnerable SSLv2 and SHA-1 algorithms; diversify the number of SMTP and DNS servers in order to improve the robustness of the infrastructure; apply best practices to limit the effects of failures and operational errors and pursue the deployment of IPv6, DNSSEC, and RPKI to help develop skills and to anticipate possible operational problems.

Although the 2014 report made similar recommendations, the 2016 edition observed that while internet administrators (autonomous systems) were increasingly deploying IPv6, the most recent version of the Internet Protocol, too few were following best-practice rules.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

::: add a comment