CENTR, which represents European national top-level domain name registries (ccTLDs) such as .si or .eu, has published its comments on the European Commission's DNS abuse study, calling out some of the "misleading analysis and unfortunate conclusions in the study." more
Do you have information about DNS security or routing security that you would like to share with the global community? Have you developed a new tool or system in this area? Do you have results from a research project that you want to share with a technical community? If so, please consider submitting a proposal to the DNSSEC and Security workshop to be held at ICANN 74 in June 2022. more
Domain Name System (DNS) Operators (Registries and Registrars) receive notices asking them to take action on a wide range of alleged technical and content-related abuses. However, there is a fundamental question of when it is appropriate to act at the DNS level and the evaluation of whether the alleged abuse meets a sufficient threshold for action at the DNS level. Additionally, given the volume of abuses occurring on the internet, existing resources, mechanisms, and protocols available in-house to Operators are in many cases insufficient to address abuses in a timely fashion. more
The Domain Name System has provided the fundamental service of mapping internet names to addresses from almost the earliest days of the internet’s history. Billions of internet-connected devices use DNS continuously to look up Internet Protocol addresses of the named resources they want to connect to - for instance, a website such as blog.verisign.com. Once a device has the resource’s address, it can then communicate with the resource using the internet’s routing system. more
Decentralization is a big trend in IT, and everyone has their own definition of what "decentralization" really means. With more organizations fully embracing a work-from-anywhere culture, decentralization has moved past being a fad and turned into a necessity. Decentralized cybersecurity is nothing new. Many of us have been doing it since before the pandemic. more
When an outage affects a component of the internet infrastructure, there can often be downstream ripple effects affecting other components or services, either directly or indirectly. We would like to share our observations of this impact in the case of two recent such outages, measured at various levels of the DNS hierarchy, and discuss the resultant increase in query volume due to the behavior of recursive resolvers. more
ICANN hosted a Resolver Operator Forum in mid-December, and the session had several interesting presentations that I would like to comment on here... The first presentation in this forum was from Paul Mockapetris. He pointed to the original academic published paper, Development of the Domain Name System, by Paul Mockapetris and Kevin Dunlap, published in the proceedings of ACM SIGCOMM’88. The paper noted that by 1983 it was obvious that the shared HOSTS.TXT file was not a scalable solution... more
For over a decade, the Internet Corporation for Assigned Names and Numbers (ICANN) and its multi-stakeholder community have engaged in an extended dialogue on the topic of DNS abuse, and the need to define, measure and mitigate DNS-related security threats. With increasing global reliance on the internet and DNS for communication, connectivity and commerce, the members of this community have important parts to play in identifying, reporting and mitigating illegal or harmful behavior, within their respective roles and capabilities. more
In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning. On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars. more
When we look at the intersection of cryptocurrency and domain data, we see something insidious: The prevalence of crypto-related threats. And it's not just cryptojacking. It's not even the use of cryptocurrency which has made ransomware attacks easier for threat actors to commit and all the more widespread. As with nearly every trend, there is always someone looking to capitalize on it and use it for their own, personal gain. Ever since cryptocurrency became the pandemic hobby of choice, threat actors have begun to target crypto novices for their schemes. more
Domain names are registered by the thousands every day. In July 2021, 236,336 domains were newly registered daily on average across all top-level domains (TLDs). Tens of thousands were also newly expired. Other months could be just as busy. "Newly registered" and "newly expired." Those are two terms I often get questions about. Newly registered domains are domains that someone just reserved, typically through a registrar or web hosting company. Newly expired domains, meanwhile, are those domains that someone had reserved but decided to let go for one reason or another. more
It was not without a little trepidation that I planned the 2nd DNS Abuse Institute Forum to focus on the long-standing and often contentious definitional issues surrounding DNS Abuse. While the risk of getting stuck in the usual entrenched positions was real, it seemed to me that we had an opportunity to provide some clarity and if not change minds, at least provide perspective. more
The ways in which the Internet is embedded in our daily lives are too varied and numerous to catalogue. The Internet delivers information, access to goods, services, education, banking, social interaction and, increasingly, work space. The global pandemic has only heightened our dependence on the online world, which is why efforts to ensure that the Internet remains a trusted and secure environment are more important than ever. more
Managing the risk of third parties has become a compliance focus for many large organizations. Companies even work with third-party service providers and external vendors just to manage this risk. The recent SolarWinds attack escalates the critical need for chief compliance officers to collaborate with their business counterparts to identify and mitigate potentially unknown threats that lie within third-party supply chains. Yet how can companies manage this risk when it's not if but when you're attacked? more
The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system and IP addressing. The 10th ROW will be held online on Tuesday, June 8th, 2021 at 13h00-17h00 UTC. Click to learn more about the discussion topics and registration details. more
A World-Renowned Source for Internet Developments. Serving Since 2002.