Home / News

Unexpected Behaviour Observed With DNS Root Servers After Cryptographic Change

The DNS root servers were reported by Verisign to be under unexpected attack from name servers across the Internet following ICANN’s recent changes to their cryptographic master keys. Kevin Murphy reporting in Domain Incite writes: “The company, which runs the A and J root servers, said it saw requests for DNSSEC data at the root increase from 15 million a day in October to 1.15 billion a day a week ago. The cause was the October 11 root Key Signing Key rollover, the first change ICANN had made to the ‘trust anchor’ of DNSSEC since it came online at the root in 2010.”

Verisign’s Principal Research Scientist at Verisign in his post Unexpected Effects of the 2018 Root Zone KSK Rollover, says: “March 22, 2019, saw the completion of the final important step in the Key Signing Key (KSK) rollover—a process which began about a year and half ago. What may be less well known is that post rollover, and until just a couple days ago, Verisign was receiving a dramatically increasing number of root DNSKEY queries, to the tune of 75 times higher than previously observed, and accounting for ~7 percent of all transactions at the root servers we operate.”

With the removal of the revoked key, DNSKEY query rates are now returning to pre-revocation levels, says Verisign.

Editor’s Note: The title of this post was edited to omit the previously misused phrase “dns root servers came under attack” as per feedback received from the community.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

This clickbait title is false, misleading and Stephane Bortzmeyer  –  Mar 28, 2019 8:33 AM

This clickbait title is false, misleading and irresponsible. There was no attack at all.

False Chris Buijs  –  Mar 28, 2019 7:34 PM

False

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign