Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
In the midst of "Cyber Monday", the day traditionally seen as one of the year's busiest days for online shopping, it is only appropriate to examine the importance DNS plays for online economies. With DNS being at the heart of Internet connectivity it is easy to understand why DNS is important to the growing health of economies whose online health in dollars and euros rest in the billions.
The European Commission is apparently considering the promulgation and adoption of a directive that would, at least in part, criminalize botnets. As I understand it, the premise behind adopting such a directive is that since botnets are capable of inflicting "harm" on a large scale, we need to separately criminalize them. I decided to examine the need for and utility of such legislation in this post.
What is so secret about the word, "Capacity"? As I read and talk with people I realize the word, "capacity" is typically missing from the DNS discussion. "Capacity" and "Security" are the two cornerstones to maximizing DNS resilience; both of which are typically missing from the DNS discussion. Have you seen a single DNS node easily process over 863,000 queries per second? Have you seen a network routinely handle over 50Gbits/second in outbound traffic alone without breaking a sweat?
Within the last year or two, I've heard people express an opinion to the effect that if the domain name industry put as much focus on preventing distributed denial of service attacks as we have on implementing DNSSEC, the Internet would be a safer place. While there may be a grain of truth there, I suggest that this kind of thinking presents us with something of a false dichotomy.
Yesterday CommunityDNS noticed a sudden, heavy spike in traffic through its Anycast node in Hong Kong. While comfortably processing queries at 863,000 queries per second for close to 2 hours the occurrence was undeniable. While we can't say the increase in traffic was specifically due to DDoS, its sudden increase is suspicious and reminds us that DDoS is still a popular tool used by the malicious community.
As the industry-wide paradigm shift to cloud computing and software-as-a-service gradually continues to make the transition from buzz to reality, security and availability continue to emerge as the main barriers to customer adoption. A recent ISACA survey of over 1,800 US IT professionals found that only 17 percent believe the benefits of cloud computing outweigh the risks. Only one in 10 respondents said they would consider using software-as-a-service (SaaS) for mission-critical applications.
The barriers to DNSSEC adoption are quickly disappearing. There are nearly 20 top-level domains that have already deployed DNSSEC including generic TLDs like .org and .gov. This July, the DNS root will also be signed, and will begin validating. At this point, the decision for remaining TLDs to deploy DNSSEC is really no longer a question.
This week, 17 individuals from about a dozen organizations in the DNS space met up in Manchester, NH at the Dyn Inc. headquarters for a first of its kind Summit for DNS industry insiders. Called "Inside Baseball," we wanted to bring people together from every spectrum of the DNS industry to inspire collaboration and innovation.
Last week Czech researchers released information on a new worm which exploits CPE devices (broadband routers) by means such as default passwords, constructing a large DDoS botnet. Today this story hit international news... The spread of insecure broadband modems (DSL and Cable) is extremely wide-spread, with numerous ISPs, large and small, whose entire (read significant portions of) broadband population is vulnerable.
Looking back at the year that just ended, here are the top ten most popular news, blogs, and industry news on CircleID in 2009 based on the overall readership of the posts. Congratulations to all the participants whose posts reached top readership in 2009 and best wishes to the entire community in 2010.
A World-Renowned Source for Internet Developments. Serving Since 2002.