Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
The U.S. Commerce Department's National Telecommunications and Information Administration (NTIA) announced today that it has awarded the Internet Assigned Numbers Authority (IANA) functions contract to the Internet Corporation for Assigned Names and Numbers (ICANN). The IANA functions are key technical services critical to the continued operations of the Internet's underlying address book, the Domain Name System (DNS). more
The Internet Governance Project has unearthed a consultancy report to the U.S. Department of Homeland Security (DHS) that makes it clear that the issue of root signing and DNSSEC key management has been recognized as a political issue within the US government for long time. more
AWS is introducing Route 53 Accelerated Recovery to help organizations maintain DNS control during regional outages, offering a 60-minute recovery objective and sustained access to key API operations for critical updates and traffic management. more
The International Trademark Association's Blockchain Subcommittee is interested in meeting companies working on Blockchain applications related to intellectual property. The Blockchain Subcommittee's mission is to explore the use of blockchain technology in trademark prosecution, maintenance, protection, and practice, including the opportunities and threats to the value of trademarks, brands, and consumer trust in emerging blockchain technologies. more
February 4th 2008 will be the day the repotting of the internet finally starts. A milestone of sorts for some people who spent a good part of the last five years getting us this far. It should now be finally possible for a IPv6 only device to have a chance to communicate on the Internet. Indeed, today, IPv6 address information is not included in most root DNS servers. Some good write-ups are already appearing on the subject covering the relevance of this development... Why get excited as there are practically no IPv6 only devices yet, some will bemoan. Well, one can hear a distant rumbling of such devices coming, alongside the mobile internet... more
As the implementation of DNSSEC continues to gather momentum and with a number of ccTLDs, and the '.org' gTLD having deployed it into their production systems, I think it is worth pausing to take a look at the entire DNSSEC situation. Whilst it is absolutely clear that DNSSEC is a significant step forward in terms of securing the DNS, it is but one link in the security chain and is therefore not, in itself, a comprehensive solution to fully securing the DNS system. more
The APNIC Blog has recently published a very interesting article by Willem Toorop of NLnet Labs on the relationship between Security Extensions for the DNS (DNSSEC) and DNS over Transport Layer Security. Willem is probably being deliberately provocative in claiming that "DoT could realistically become a viable replacement for DNSSEC." If provoking a reaction was indeed Willem's intention, then he has succeeded for me, as it has prompted this reaction. more
Several people pointed out that although the suit still hasn't appeared in PACER, copies of the complaint are available online, including this one [PDF] at Lextext. Having read it, I'm rather underwhelmed... I do not purport to be a lawyer (nor do I usually play one on the net), but it's hard to see how the facts, which are not in serious dispute, would support any of these charges. more
There is a new threat in town known as "SAD DNS" that allows attackers to redirect traffic, putting companies at risk of phishing, data breach, reputation damage, and revenue loss. What is SAD DNS? No, it isn't the domain name system (DNS) feeling moody, but an acronym for a new-found threat -- "Side-channel AttackeD DNS" discovered by researchers that could revive DNS cache poisoning attacks. more
If you haven't been reading the news of late, venerable anti-spam service Spamhaus has been the target of a sustained, record-setting Distributed Denial-of-Service (DDoS) attack over the past couple of weeks... Of course, bad guys are always mad at Spamhaus, and so they had a pretty robust set-up to begin with, but whoever was behind this attack was able to muster some huge resources, heretofore never seen in intensity, and it had some impact, on the Spamhaus website, and to a limited degree, on the behind-the-scenes services that Spamhaus uses to distribute their data to their customers. more
ICANN's two-year effort to purportedly preserve the Whois public directory to the greatest extent possible while complying with GDPR has failed. Under the latest proposal, the Whois database, once a contractually-required directory of domain name registrants, will be gutted to the point of virtual worthlessness, as registrars, registries, academics, and hand-wringing others ignored the public interest and imposed ever-higher barriers to legitimate, GDPR-compliant access to registration data. more
The proposal "The Internet an International Public Treasure" ("Public Treasure") offers a means of creating a prototype for an international collaborative management structure for the Internet (see Part I of this article).
more
Experts and companies in the information security industry today announced the formation of the Secure Domain Foundation (SDF), a new, non-profit, community-driven organization devoted to the identification and prevention of Internet cyber crime utilizing the domain name system (DNS). more
With the recent attacks against high-profile New Zealand domain names including Coca-Cola.co.nz and F-Secure.co.nz, fingers are naturally pointing to Domainz, the registrar of record for these domains, as the party responsible for this lapse in security. While domain name registrars certainly need to ensure the security and stability of their systems, domain name registries must also step up and take responsibility for mitigating risks posed by hackers... more
In my recent write-up I start by discussing some recent threats network operators should be aware of, such as recursive DNS attacks. Then, a bit on the state of the Internet, cooperation across different fields and how these latest threats with DDoS also relate to worms and bots, as well as spam, phishing and the immense ROI organized crime sees. I try and bring some suggestions on what can be done better, and where we as a community, as well as specifically where us, the "secret hand-shake clubs" of Internet security fail and succeed. Over-secrecy, lack of cooperation, lack of public information, and not being secret enough about what really matters. more
A World-Renowned Source for Internet Developments. Serving Since 2002.