DNS

 Sponsored
by

DNS / Featured Blogs

NASA Teething Troubles Teach a DNSSEC Lesson

Mar 22, 2012

On January 18, 2012, Comcast customers found they could not access the NASA.gov website. Some users assumed that Comcast was deliberately blocking the website or that NASA, like Wikipedia and Reddit, was participating in the "blackout" protests against the Stop Online Piracy Act (SOPA) going on that day. As it turned out, the truth was much less exciting, but it offers important lessons about DNSSEC.

Growth in IPv6-Capable DNS Infrastructure

Mar 19, 2012

In our last post on CircleID we showed encouraging growth in the number of IPv6-enabled networks. But announcing an IPv6 prefix is only one of the first steps a network operator should take when deploying IPv6. For a full IPv6 deployment, IPv6 needs to be enabled on network infrastructure and made available to end users. One key piece of infrastructure for which we can measure IPv6 capabilities are DNS resolvers.

De Facto Rules a Boon to Rogue Players

Mar 14, 2012

In Ian Flemming's Thunderball M sends 007 to the Bahamas on a hunch that SPECTRE is hiding something there. Well, it's been our hunch for a while that the Bahamas "office" for the Registrar Internet.BS does not exist. Now we have confirmation of such. It has been documented in an explosive undercover expose by LegitScript that Internet.BS address as stated could not be verified, could not accept mail, and that the business itself could not actually be found in the Bahamas.

ICANN’s Contract Not Enforceable on WHOIS Accuracy

Mar 12, 2012

This may or may not come as a shock to some of you, but ICANN's contract with the Domain Name Registrars, in terms of WHOIS inaccuracy is not enforceable. Bear with me. The ability of ICANN to enforce against a Registrar who fails to correct or delete a domain with false WHOIS does not exist.

Port 43 Failures Continue to Haunt

Mar 07, 2012

On February 16, 2012 ICANN took the new step of suspending the Registrar Alantron's ability to register new names or accept inbound domain transfers. This new compliance tool was used following Alantron's apparently inadequate response to a breach notice issued November 7, 2011. The issue in part concerns Alantron's perpetual problems with Port 43 WHOIS access which is required by the Registrar Accreditation Agreement.

IPv6 Stat Leapfrogs Expectations and Illustrates Important Role Registrars Play in Uptake

Feb 28, 2012

Since 2005, Infoblox has commissioned a survey by The Measurement Factory, a research firm that specializes in performance testing and protocol compliance. The studies examine key aspects of the Internet's Domain Name infrastructure with results that uncover trends in DNS server configuration and deployed features. Some topics that have helped define the survey over the years have been arguably more leading edge (DNSSEC), while others are best described as quotidian (lame servers).

Measuring Root Server Performance

Feb 17, 2012

Root name servers are a core service of the Internet. As such they receive a huge amount of queries and need to answer reliably with acceptable delay. The RIPE NCC is responsible for operating one of the 13 DNS root name servers K-root which responds to 10,000 - 15,000 queries per second. Most root servers are operated as a network of distributed "instances" using anycast.

Most Abusive Domain Registrations are Preventable

Feb 16, 2012

As the WHOIS debate rages and the Top-Level Domain (TLD) space prepares to scale up the problem of rogue domain registration persists. These are set to be topics of discussion in Costa Rica. While the ICANN contract requires verification, in practice this has been dismissed as impossible. However, in reviewing nearly one million spammed domain registrations from 2011 KnujOn has found upwards of 90% of the purely abusive registrations could have been blocked.

End of the World/Internet on 31-March-2012?

Feb 16, 2012

Well... Maybe not the world, but the Internet it seems. According to a Pastebin letter, Anonymous announced they will black-out Internet on 31st of March. They even explained how to do it by attacking the DNS Root Servers on Internet using a reflected amplification attack. If this is successful, the root DNS servers will become unresponsive and cannot handle any other requests...

Anonymous Plans to Go After DNS Root Servers. What Will Be the US’s Response?

Feb 15, 2012

The other day on pastebin, snippets of an email conversation were posted with members of the hacking group Anonymous discussing plans to conduct DOS attacks against the Internet's root name servers... Going after the Internet's root servers is a very bold move by Anonymous. Whereas before they were "merely" breaking into companies that they believed were acting contra to the hacker ethic, going after the Internet infrastructure is another thing altogether. Why?

Industry Updates

Unstoppable and Radix Launch “.pw” Domain Extension for Public Wallets

Four Steps to Mitigate Subdomain Hijacking

  • By CSC
  • Aug 06, 2024

Subdomain Hijacking in the News Again - What is It?

  • By CSC
  • May 20, 2024

DNS Deep Diving into Pig Butchering Scams

DNS Abuse: Finding Our Way Forward Together

  • By CSC
  • Dec 28, 2023

Behind the Genesis Market Infrastructure: An In-Depth DNS Analysis

Signs of Ongoing RedLine Stealer Operation Found Through a DNS Deep Dive

Rhysida, Not Novel but Still Dangerous: DNS Revelations

The Makings of ADHUBLLKA According to the DNS

The Hidden Secret About Your DNS Zones and Combatting Phishing Campaigns

  • By CSC
  • Oct 12, 2023

Examining WoofLocker Under the DNS Lens

Tracing Truebot’s Roots through a DNS Deep Dive

Potential Traces of Aurora Spread Via Windows Security Update Malvertisements in the DNS

Verisign Domain Name Industry Brief: 354.0 Million Domain Name Registrations in Q1 2023

Scouring the DNS for Traces of Bumblebee SEO Poisoning

View More