DNS
In general, a network firewall is just a traffic filter... Filtering rules can be anything from "allow my web server to hear and answer web requests but not other kinds of requests" to "let my users Ping the outside world but do not let outsiders Ping anything on my network." The Internet industry has used firewalls since the mid-1980s and there are now many kinds, from packet layer firewalls to web firewalls to e-mail firewalls. Recently the DNS industry has explored the firewall idea and the results have been quite compelling. In this article I'm going to demonstrate a DNS firewall built using RPZ (Response Policy Zones) and show its potential impact on e-mail "spam".
Earlier this week we announced our "Proactive Nameservers", which is just marketing speak for what it really is: hot swappable nameservers or nameserver failover. What is it? ... It's basically what every webmaster, IT department and CTO wishes they had set up before...
So my prediction from last year that "ICANN will open the new gTLD application period without any glitches" could not have been more wrong. And yes - I actually used the word 'glitches'... Regardless of my crystal-ball gazing skills, it's been another incredibly eventful year, and below are the Top 10 Domain Stories from 2012.
The ICANN community is ever closer to realization of its goal to bring long-overdue consumer choice and competition to Internet naming. Regrettably, but perhaps predictably, reliance on the Final Applicant Guidebook (AGB) is being challenged at the last minute by recent proposals from the Business and Intellectual Property Constituencies (BC/IPC), which demand "improvements" to the already extensive trademark protections that will be part of the new gTLD landscape.
It's a simple, straightforward fact that the root is not a TLD. However, the current policy around new gTLDs treats the root like a TLD registry and as anyone who runs a TLD registry knows, they have certain inescapable characteristics that may not be the best for the root. In almost every TLD, once a domain name has been registered, the registrant can use it commercially with few restrictions...
In February 2012, Neustar surveyed IT professionals across North America to better understand their DDoS experiences. Most were network services managers, senior systems engineers, systems administrators and directors of IT operations. In all, 1,000 people from 26 different industries shared responses about attacks, defenses, ongoing concerns, risks and financial losses.
Starting in mid-September, one of the largest and most sophisticated DDoS attacks ever targeted the titans of American banking. Initially, victims included Bank of America, JPMorgan Chase, Wells Fargo, PNC Bank, and U.S. Bancorp. In the weeks to come, others would also feel the pain. Websites crashed, customers were unable to make transactions and IT professionals and PR gurus went into panic mode. Leon Panetta, U.S. Secretary of Defense, said the attacks foreshadowed a "Cyber Pearl Harbor."
If there's one simple - high impact - thing you could do to quickly check whether your network has been taken over by a criminal entity, or uncover whether some nefarious character is rummaging through your organization's most sensitive intellectual property out of business hours, what would it be? In a nutshell, I'd look to my DNS logs. It's staggering to me how few security teams have gotten wise to regularly interrogating the logs from their recursive DNS servers.
The 85th meeting of the Internet Engineering Task Force (IETF) begins next week in Atlanta, Georgia, USA. Over 1000 engineers, maybe as many as 1400 or more, from all around the world will gather in various working groups to discuss and debate issues relating to the open standards that define the Internet's infrastructure.
A couple of weeks ago I started a new initiative called "Names, Numbers and Beyond". I started this as I genuinely think we are facing big issues due to the uncontrolled and non-standard growth of the IP and Name space used today and tomorrow. To keep in control and make everything manageable, parcelling out IP address space and the use of tight naming standards/policies is necessary to make networks work better and make them achievable.