Abstract: A computer method and system for mitigating Domain Name System (DNS) misuse using a probabilistic data structure, such as a cuckoo filter. Intercepted is network traffic flowing from one or more external hosts to a computer network, the intercepted network traffic including a DNS request that requests a Resource Record name in a DNS zone file. A determination is made as to whether the DNS request is requesting resolution at a protected DNS Name Server. A hash value is calculated for the requested Resource Record name if it is determined the DNS request is requesting resolution at the protected DNS Name Server. A determination is then made as to whether the calculated hash value for the requested Resource Record name is present in the probabilistic data structure. The DNS request is forwarded to the protected server if the requested Resource Record name is determined present in the probabilistic data structure.

Abstract: A computer method and system for mitigating Domain Name System (DNS) misuse using a probabilistic data structure, such as a cuckoo filter. Intercepted is network traffic flowing from one or more external hosts to a computer network, the intercepted network traffic including a DNS request that requests a Resource Record name in a DNS zone file. A determination is made as to whether the DNS request is requesting resolution at a protected DNS Name Server. A hash value is calculated for the requested Resource Record name if it is determined the DNS request is requesting resolution at the protected DNS Name Server. A determination is then made as to whether the calculated hash value for the requested Resource Record name is present in the probabilistic data structure. The DNS request is forwarded to the protected server if the requested Resource Record name is determined present in the probabilistic data structure.

Abstract: A computer method and system for mitigating Domain Name System (DNS) misuse using a probabilistic data structure, such as a cuckoo filter. Intercepted is network traffic flowing from one or more external hosts to a computer network, the intercepted network traffic including a DNS request that requests a Resource Record name in a DNS zone file. A determination is made as to whether the DNS request is requesting resolution at a protected DNS Name Server. A hash value is calculated for the requested Resource Record name if it is determined the DNS request is requesting resolution at the protected DNS Name Server. A determination is then made as to whether the calculated hash value for the requested Resource Record name is present in the probabilistic data structure. The DNS request is forwarded to the protected server if the requested Resource Record name is determined present in the probabilistic data structure.

Abstract: A network agent includes an ingress port in data communication with a network traffic source for receiving network traffic entering a network and an egress port in data communication with the ingress port and a protection device included in the network. The egress port is configured to transmit network traffic received from the ingress port to a network device included in the network. A processing device receives from a protection device included in the network blacklist addresses determined by the protection device to be a threat to the network, and maintains a blacklist that includes the received blacklist addresses. A physical layer device compares the network layer source address of a packet of the network traffic received by the ingress port to the blacklist and forwards the packet to the egress port only if the packet's source address is not included in the blacklist.

Abstract: A network agent includes an ingress port in data communication with a network traffic source for receiving network traffic entering a network and an egress port in data communication with the ingress port and a protection device included in the network. The egress port is configured to transmit network traffic received from the ingress port to a network device included in the network. A processing device receives from a protection device included in the network blacklist addresses determined by the protection device to be a threat to the network, and maintains a blacklist that includes the received blacklist addresses. A physical layer device compares the network layer source address of a packet of the network traffic received by the ingress port to the blacklist and forwards the packet to the egress port only if the packet's source address is not included in the blacklist.

Abstract: A computing device prompts a user to supply installation parameters for joint installation of an operating system and core software on a server device, and stores, in a memory, the installation parameters received from the user. The computing device provides, to the server device, instructions to install an image of the operating system directly to volumes for the core software, where the instructions require input of installation parameters during the installation. The computing device also receives, from the server device and during the operating system installation, requests for the installation parameters. The computing device sends, to the server device, the stored installation parameters that are responsive to the requests for the installation parameters.

Abstract: A computing device prompts a user to supply installation parameters for joint installation of an operating system and core software on a server device, and stores, in a memory, the installation parameters received from the user. The computing device provides, to the server device, instructions to install an image of the operating system directly to volumes for the core software, where the instructions require input of installation parameters during the installation. The computing device also receives, from the server device and during the operating system installation, requests for the installation parameters. The computing device sends, to the server device, the stored installation parameters that are responsive to the requests for the installation parameters.