Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS Security |
Sponsored by |
|
Since last fall, several waves of distributed denial of service (DDoS) attacks have targeted major players in the U.S. banking industry. JPMorgan Chase, Wells Fargo and PNC were among the first to sustain intermittent damage. Eventually, the top 50 institutions found themselves in the crosshairs... In the months to come, security experts would praise the banks' collective response, from heightened DDoS protection to candid customer communications.. these larger institutions have learned some painful lessons that smaller firms might heed as they seek to minimize risks. more
Andrew McLaughlin reporting in the White House website: "Last week marked a significant advance in the security of the Internet. After years of intensive design, testing, and implementation work, the Internet's domain name system now has a new security upgrade that allows Internet service providers and end users alike to protect against an important online vulnerability: the clandestine redirecting of online communications to unwanted destinations." more
DNS Abuse and how to address it has been the topic of intense, often conflictual, and rarely conclusive discussions for many years, starting with the very definition of the term and the degree of responsibility bestowed upon DNS operators. In 2018, after several months of intersessional work, the Internet & Jurisdiction Global Conference brought together in Ottawa more than 200 key stakeholders to define a roadmap to address certain jurisdictional challenges on the Internet, including DNS abuse. more
Do you have information or an idea you would like to share with members of the broader DNS / DNSSEC community? Have you developed a new tool that makes DNSSEC or DANE deployment easier? Have you performed new measurements? Would you like feedback about a new idea you have? Would you like to demonstrate a new service you have? If so, we're seeking proposals for the DNSSEC Workshop to be held at ICANN57 in Hyderabad, India, in early November 2016. more
Last week, millions of infected devices directed Internet traffic to DNS service provider Dyn, resulting in a Distributed Denial of Service (DDoS) attack that took down major websites including Twitter, Amazon, Netflix, and more. In a recent blog post, security expert Bruce Schneier argued that "someone has been probing the defences of the companies that run critical pieces of the Internet". This attack seems to be part of that trend. This disruption begs the question: Can we trust the Internet? more
Private DNS data lakes consolidate fragmented logs into a centralised platform, improving visibility, security, and compliance. They enable advanced analytics, strengthen threat detection, and help organisations optimise network performance in increasingly complex IT environments. more
Maintaining an 150 year old house requires two things, a lot of time and a lot of trips to the hardware store. Since the closest hardware store to my house is Home Depot, it is rare that a weekend passes without at least one trip to Home Depot. So now in the wake of the Home Depot data breach I am through no fault of my own in a situation where any or all of the bank cards I use regularly could be cancelled if the issuer decides they might be compromised. And this is not the first time this has happened to me this year. more
Today the DNS Abuse Institute (“DNSAI” or the “ Institute”) adds a new level of reporting for our measurement project: DNSAI Compass™ (“Compass”). With this new level of reporting, we intend to show the spectrum of how malicious phishing and malware is distributed across the DNS registration ecosystem.1 To demonstrate this, we are identifying registrars and TLDs with high and low volumes of malicious domain registrations in their Domains Under Management (DUM), or new registrations. more
The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC and Security Workshop on Wednesday, 06 November 2019, during the ICANN66 meeting held from 02-07 November 2019 in Montreal, Canada. The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. more
DNSSEC is a hot topic. It's a technology newly unleashed on popular networking, which has led to countless articles and posts on the subject, including right here on CircleID. The way a lot of articles try to get your attention is to talk about a technology, like DNSSEC, in a way that makes the technology either seem really significant or really complicated. That is why a lot of articles about DNSSEC make it sound like something huge, complicated, and scary. But it's not. more
Despite offering robust protection for the Domain Name System, DNSSEC suffers from poor adoption due to its complexity, cost, and operational risks. Automation and algorithmic improvements now offer practical solutions for broader deployment. more
Want to learn more about the current state of DNSSEC? Want to see demos of new software to secure email? Curious about the potential impact of the Root Key Rollover happening this year? Next week in Copenhagen, Denmark, ICANN 58 will include some great technical info about DNSSEC and DANE happening in several sessions. Here is the plan... more
Now that we are all working from home (WFH), the need for encryption must also increase in priority and awareness. Zoom's popular video conferencing solution got in hot water because they promised "end-to-end" encryption but didn't deliver on it - prompting some organizations to ban it from use altogether. Encryption protects confidential information from being exposed in transmission, providing a secure way for the intended recipient to get the information without snooping by others. more
DNS Operations, Analysis, and Research Center (DNS-OARC) held its 30th meeting in Bangkok on the 12th and 13th May. Here's what attracted my interest from two full days of DNS presentations and conversations, together with a summary of the other material that was presented at this workshop. Some Bad News for DANE (and DNSSEC): For many years the Domain Name X509 certification system, or WebPKI, has been the weak point of Internet security... more
Leading US ISP, Comcast, has announced today its aggressive plans to deploy DNSSEC through out its netowrk. Chris Griffiths, Manager of DNS Engineering, writes: "We plan to implement DNSSEC for the websites we manage, such as comcast.com, comcast.net and xfinity.com, by the first quarter of 2011, if not sooner. By the end of 2011, we plan to implement DNSSEC validation for all of our customers." more
A World-Renowned Source for Internet Developments. Serving Since 2002.
