Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
Recent events have shown the threat of domain hijacking is very real; however, it is also largely preventable. As Verisign previously noted, there are many security controls that registrants can utilize to help strengthen their security posture. Verisign would like to reiterate this advice within the context of the recent domain hijacking reports. Domains are an important element of internet infrastructure; their functionality and security rely upon many factors such as their delegated name servers. more
Despite all signs pointing to a launch of the new generic Top-Level Domains (gTLDs) program in Singapore, it seems like ICANN could not help poking the Government Advisory Committee (GAC) in the eye one last time. In the latest installment of how a California not for profit technical coordinating body knows best, we have the ICANN Evidence of "Use" Requirement for Trademark Protection document. more
Bruce Schneier's recent blog post, "Someone is Learning How to Take Down the Internet", reported that the incidence of DDOS attacks is on the rise. And by this he means that these attacks are on the rise both in the number of attacks and the intensity of each attack. A similar observation was made in the Versign DDOS Trends report for the second quarter of 2015, reporting that DDOS attacks are becoming more sophisticated and persistent in the second quarter of 2016. more
The U.S. National Telecommunications and Information Administration (NTIA) is soliciting comments on signing the DNSSEC root. Ignore the caption on the page: this is not about DNSSEC deployment, which is already happening just fine. It's about who gets to sign the root zone. more
Complete DNSSEC implementation requires that domains are authenticated at the root by the Registry, and that DNS zones and records are authenticated as well. Now before I go any further, let me begin by stating that I fully support the development and deployment of DNSSEC and that the vulnerabilities presented by Cache Poisoning are very real, especially for those websites collecting login credentials or other types of sensitive information. more
ICANN's 44th public meeting is about to start in a few days with a number of topics on the agenda. Some of them are new, while some of them are ongoing. First off, ICANN will be announcing the new CEO this Friday afternoon in Prague. Whoever it is will be coming to the organisation at a time when it faces a number of significant challenges. While the actual official meeting does not start until Monday morning there will be plenty of meetings on over the weekend as well... So what's on the "menu" for Prague? more
I co-authored a book in 2005, titled "Extreme Exploits: Advanced Defenses Against Hardcore Hacks." My chapters focused on securing routing protocols such as BGP, and securing systems related to DMZs, firewalls, and network connectivity. As I look back over those chapters, I realize that the basic fundamentals of network security really haven't changed much even though technology has advanced at an incredible pace. "Defense in depth" was a hot catch phrase seven years ago, and it still applies today. more
If you will be at ICANN 52 in Singapore in February 2015 (or can get there) and work with DNSSEC or the DANE protocol, we are seeking proposals for talks to be featured as part of the 6-hour DNSSEC Workshop on Wednesday, February 11, 2015. The deadline to submit proposals is Wednesday, December 10, 2015... The full Call For Participation is published online and gives many examples of the kinds of talks we'd like to include. more
Censorship practices by governments and other private actors are becoming more increasingly more sophisticated, and their effects are increasingly being felt globally. A case in point, the YouTube incident in Pakistan was a recent example affecting both users and the DNS at a national and global level. Likely other incidents will occur in the near future. As such, I believe censorship should be considered as a threat to the stability and security of the DNS. In the context of Internet governance discussions, I believe the issue should be raised both at ICANN and the Internet Governance forum. Do others agree? more
As described in New RIPE Atlas Features in the Making, each RIPE Atlas probe performs "anycast instance discovery" measurements. This means, for each DNS root name server, we determine which instance of a name server a probe uses. We compile the data from all probes and build maps showing these results for each Atlas probe. In other words, the map shows the "gravitational radius" for root DNS server instances. more
After a long and exhaustive process it was finally decided by ICANN to introduce seven new top level domains in December. Well, they are not really introduced yet because the United States Government has the final word and they have not approved of them yet. Did you understand what I just wrote - the United States Government decides what names you can have on the Internet? more
As Internet governance fragments in 2026, authority shifts from open, multistakeholder forums to state-led security regimes, legal instruments, and alliance-based cooperation, challenging longstanding institutions and reshaping global norms through enforcement rather than consensus. more
The merits of a Registry Service Provider accreditation programs have been debated across the Domain Industry since the most recent round of Domain Name Registries were introduced starting in 2012. This post discusses the early reasoning in support of an accreditation program; changes in the policy considerations between 2012 and now; the effects of competition on the landscape; a suggestion for how such a program might be implemented; and why such a program should be introduced now. more
The Silent Librarian advanced persistent threat (APT) actors have been detected once again, as the academic year started in September. With online classes increasingly becoming the norm, the group's phishing campaigns that aim to steal research data and intellectual property could have a high success rate. Dozens of phishing domain names have been reported, although some may have already been taken down. more
You wake up, make coffee, sit down by the computer and start reading your favorite web sites. You fire up your favorite browser and type 'www.site.com' on the address bar, hit enter and continue sipping on that coffee. You wait for the page to load, sipping some more coffee - a few seconds later you get the Google search results for 'www.site.com'. You scratch your head, sip some more coffee, and start wondering if you did a typo, but no it is correct - Google is not correcting your spelling. more
A World-Renowned Source for Internet Developments. Serving Since 2002.