DNS |
Sponsored by |
|
Ars Technica's Dan Goodin reports that an "investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp, and other legitimate people or organizations." more
On Monday, June 21, ICANN convenes in Brussels, hosting its "Welcome Ceremony" for attendees. In advance of the session, the agenda for the Board meeting on Friday, June 25 has been released. As is the fashion, it lists significant issues without being too specific or tipping the Board's hand. It also allows for matters that arise organically during the week of the meeting to (possibly) be heard. more
IT security specialists have known for years that the plain DNS is not to be trusted. Any hope for improvement rests on the DNSSEC protocol deployment. In this post, I will review the current status in one critical aspect, namely the DNS root signature key management. The other two foremost are the application usage of DNSSEC protocol functionality and the operational front, or the extent of deployment in the DNS infrastructure. The operational front includes the support by the DNS root nameservers, but my focus on signature key management leaves this issue aside. more
First the Los Angeles Times, now the New York Times have both printed editorials critical of the PROTECT-IP bill. Both the LAT and NYT support copyright - and announce as much in their opening sentences. That doesn't mean we should sacrifice Internet security and stability for legitimate DNS users, nor the transparency of the rule of law. more
According to a new report, the number of domain names increased by 24 million globally in 2008 increasing the total to 177 million domain name registrations across all of the Top Level Domains (TLDs). This represents 16% growth over the previous year, reports the latest Domain Name Industry Brief published by VeriSign. It is also noted that the last quarter of 2008 saw more than 10.1 million new domain names registered across all TLDs. This reflects a slower growth in new registrations with a decline of 12% from the third quarter 2008 and 17% from the same quarter in the previous year. more
Would you like to share information about how you are using DNSSEC with the wider technical community? Do you have an idea for how to make DNSSEC or DANE work better? Or work with new applications? If so - and if you will be attending ICANN 62 in Panama City, Panama from 25-28 June 2018 - then please consider sending in a proposal to participate as a speaker in the ICANN 62 DNSSEC Workshop! more
On Thursday, Oct 1, 2015, from 9:30am-4:30pm US EDT (UTC-4), Dyn will be holding their "TechToberFest" event in Manchester, NH, and also streaming the video live for anyone interested. There are a great set of speakers and a solid agenda. As I wrote on the Internet Society blog, I'll be part of the security panel from 3-4pm US EDT... and we who are on the panel are excited to participate just for the conversation that we are going to have! It should be fun! more
M3AAWG, the Messaging, Malware, and Mobile, Anti-Abuse Working Group and APWG, the Anti-Phishing Working Group, surveyed their members about recent WHOIS changes. With over 300 results from security researchers, it's the broadest report yet on WHOIS use. The survey results confirm our concerns that WHOIS was a vital resource for security research, and its loss is a serious and ongoing problem. more
ICANN just recently performed a Root Zone DNS Security Extensions (DNSSEC) Key Signing Key (KSK) Rollover. The recent KSK Rollover that took place on the 11th October 2018. The KSK Rollover has been successful and congratulations are in order. The Root Zone DNSSEC Key Signing Key "KSK" is the top most cryptographic key in the DNSSEC hierarchy. The KSK is a cryptographic public-private key pair. more
Close to 1300 IP addresses were hijacked this morning resulting in Amazon losing control of a number of its highly used cloud services. more
As we approach the World Cup in South Africa this June it's heartening to see the amount of attention being paid to the continent. As with ICANN's recent Nairobi meeting, the eyes of the world are focusing on Africa in a new way -- as a sophisticated marketplace, and as a destination for investment, technology, and yes, sports... Still, as we prepare for the Cup and as we celebrate ICANN's recent approval of more Internationalized Domain Names (IDNs), our job as an Internet community remains unfinished. Too many scripts and thus too many key voices remain "off the pitch". more
I've been incredibly lucky in my time at Neustar to lead both the exceptional Registry and Security teams. While these divisions handle their own unique product and service offerings, it's clear that they have some obvious crossovers in their risks, opportunities and challenges. Having been closely involved in the strategy of both these teams, it strikes me that there is more we as Registry Operators and service providers can and should be doing to align the world of cybersecurity with that of domain names. more
The idea behind my recent book "Managing Mission Critical Domains & DNS" is to provide a unifying overview around the area of domains and naming where I think there exists an artificial divide, and that divide exists between domain policy, and managing ones' domain portfolio; and the DNS ops side of things: running your nameservers or outsourcing to a vendor, or both. I've been doing this for over 20 years, I've seen almost every failure condition that can happen to your domain or DNS... more
Just in time for ICANN's 44th meeting next week, a new Internet Draft has turned up, purporting to fix the centralization of the DNS. The draft has received some attention, including an article in PC World. It isn't entirely clear what the real purpose of the draft is, but it is hard to credit the notion that it is solving any technical problem. Without examining the reasons why the draft exists, I want to debunk a claim in it. more
According to Shanghai Daily, there has been an "organized Internet attack on Tuesday night which caused serious congestion in several provinces [in China] and left millions of users unable to gain access to the Internet." This is the first time the regulator has published news about an investigation into an online attack in China within 24 hours, says Shanghai Daily. ..."It was an attack on DNS (Domain Name System) and the carriers and related firms should do more back-up to avoid similar incidents," the ministry said in a statement. more
A World-Renowned Source for Internet Developments. Serving Since 2002.