DNS

 Sponsored
by

DNS / Featured Blogs

I Don’t Need a Signature to Know It’s Going to Be Bad…

Mar 29, 2012

There was a period of time not long ago in which signature-based threat detection was cutting-edge. Antivirus, intrusion detection systems (IDS), data leakage prevention (DLP), content filtering and even anomaly detection systems (ADS) all continue to rely heavily upon static signatures. In recent years vendors have shied away from discussing their dependence on such signatures -- instead extolling supplemental "non-signature-based" detection technologies. more

DNS Changer

Mar 28, 2012

One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called "DNS Changer" since that was the name of the software this gang used to infect a half million or so computers. more

Wither WHOIS!: A New Look At An Old System

Mar 27, 2012

No, that title is not a typo. The WHOIS service and the underlying protocol are a relic of another Internet age and need to be replaced. At the recent ICANN 43 conference in Costa Rica, WHOIS was on just about every meeting agenda because of two reasons. First, the Security and Stability Advisory Committee put out SAC 051 which called for a replacement WHOIS protocol and at ICANN 43, there was a panel discussion on such a replacement. The second reason was the draft report from the WHOIS Policy Review Team. more

The Journey of IPv6 Implementation 9 Months Later

Mar 23, 2012

ICANN 43 in Costa Rica was in the heart of IPv6 implementation with everybody touching on how much it was needed as part of the internet ecosystem to fully utilize the ICANN expansion of the new gTLD namespace from 21 to the maximum number that will manage to get delegated at the beginning of 2013. more

NASA Teething Troubles Teach a DNSSEC Lesson

Mar 22, 2012

On January 18, 2012, Comcast customers found they could not access the NASA.gov website. Some users assumed that Comcast was deliberately blocking the website or that NASA, like Wikipedia and Reddit, was participating in the "blackout" protests against the Stop Online Piracy Act (SOPA) going on that day. As it turned out, the truth was much less exciting, but it offers important lessons about DNSSEC. more

Growth in IPv6-Capable DNS Infrastructure

Mar 19, 2012

In our last post on CircleID we showed encouraging growth in the number of IPv6-enabled networks. But announcing an IPv6 prefix is only one of the first steps a network operator should take when deploying IPv6. For a full IPv6 deployment, IPv6 needs to be enabled on network infrastructure and made available to end users. One key piece of infrastructure for which we can measure IPv6 capabilities are DNS resolvers. more

De Facto Rules a Boon to Rogue Players

Mar 14, 2012

In Ian Flemming's Thunderball M sends 007 to the Bahamas on a hunch that SPECTRE is hiding something there. Well, it's been our hunch for a while that the Bahamas "office" for the Registrar Internet.BS does not exist. Now we have confirmation of such. It has been documented in an explosive undercover expose by LegitScript that Internet.BS address as stated could not be verified, could not accept mail, and that the business itself could not actually be found in the Bahamas. more

ICANN’s Contract Not Enforceable on WHOIS Accuracy

Mar 12, 2012

This may or may not come as a shock to some of you, but ICANN's contract with the Domain Name Registrars, in terms of WHOIS inaccuracy is not enforceable. Bear with me. The ability of ICANN to enforce against a Registrar who fails to correct or delete a domain with false WHOIS does not exist. more

Port 43 Failures Continue to Haunt

Mar 07, 2012

On February 16, 2012 ICANN took the new step of suspending the Registrar Alantron's ability to register new names or accept inbound domain transfers. This new compliance tool was used following Alantron's apparently inadequate response to a breach notice issued November 7, 2011. The issue in part concerns Alantron's perpetual problems with Port 43 WHOIS access which is required by the Registrar Accreditation Agreement. more

IPv6 Stat Leapfrogs Expectations and Illustrates Important Role Registrars Play in Uptake

Feb 28, 2012

Since 2005, Infoblox has commissioned a survey by The Measurement Factory, a research firm that specializes in performance testing and protocol compliance. The studies examine key aspects of the Internet's Domain Name infrastructure with results that uncover trends in DNS server configuration and deployed features. Some topics that have helped define the survey over the years have been arguably more leading edge (DNSSEC), while others are best described as quotidian (lame servers). more

Industry Updates

Subdomain Hijacking in the News Again - What is It?

  • By CSC
  • May 20, 2024

DNS Deep Diving into Pig Butchering Scams

DNS Abuse: Finding Our Way Forward Together

  • By CSC
  • Dec 28, 2023

Behind the Genesis Market Infrastructure: An In-Depth DNS Analysis

Signs of Ongoing RedLine Stealer Operation Found Through a DNS Deep Dive

Rhysida, Not Novel but Still Dangerous: DNS Revelations

The Makings of ADHUBLLKA According to the DNS

The Hidden Secret About Your DNS Zones and Combatting Phishing Campaigns

  • By CSC
  • Oct 12, 2023

Examining WoofLocker Under the DNS Lens

Tracing Truebot’s Roots through a DNS Deep Dive

Potential Traces of Aurora Spread Via Windows Security Update Malvertisements in the DNS

Verisign Domain Name Industry Brief: 354.0 Million Domain Name Registrations in Q1 2023

Scouring the DNS for Traces of Bumblebee SEO Poisoning

Searching for Nevada Ransomware Digital Crumbs in the DNS

Subdomain Hijacking Vulnerabilities Report: One in Five DNS Records Are Left in a State in Which They Are Vulnerable to Subdomain Hijacking

  • By CSC
  • May 04, 2023
View More