DNS

Sponsored
by

DNS / Most Viewed

Security Through Obscurity as an Institution

One of my staff members pointed me to an article by Mikko Hyppönen in Foreign Policy. In this article Mikko argues that a new top level domain (TLD) like .bank for some reason would prevent on-line fraud, at least partially. Mikko seems to be arguing that with a dedicated TLD registry for financial institutions and a fee high enough to act as an entry barrier you would have a trustworthy bank domains that would be immune against today's phising attempts... more

ccTLDs Might Be Property

The long-running saga of victims who are pursuing 'state sponsors of terrorism' via ICANN has taken yet another turn. Some time back the Plaintiffs in Rubin & ors -v- Islamic Republic of Iran & ors managed to obtain Writs of Attachment in the Federal court district in Washington (D.C.) courts ordering that the ccTLDs of those respective countries be seized in part-payment of the damages they are owed. ICANN, fairly predictably, became involved at this point. more

How to Evaluate Performance of a DNS Resolver

Ten years ago everyone evaluating DNS solutions was always concerned about performance. Broadband networks were getting faster, providers were serving more users, and web pages and applications increasingly stressed the DNS. Viruses were a factor too as they could rapidly become the straw that broke the camel's back of a large ISP's DNS servers. The last thing a provider needed was a bottleneck, so DNS resolution speed became more and more visible, and performance was everything. more

Call for Participation – ICANN DNSSEC and Security Workshop for ICANN74 Policy Forum

Do you have information about DNS security or routing security that you would like to share with the global community? Have you developed a new tool or system in this area? Do you have results from a research project that you want to share with a technical community? If so, please consider submitting a proposal to the DNSSEC and Security workshop to be held at ICANN 74 in June 2022. more

Ensuring a Strong ICANN Accountability Framework

The U.S. Government's decision to transition its legacy role as the administrator of the IANA functions contract to the global multi-stakeholder community is an important step in the continued evolution of the Internet. While the Motion Picture Association of America (MPAA) supports this transition, we strongly believe that a comprehensive accountability framework, developed, agreed to and approved by the multi-stakeholder community must be in place in advance of finalizing any IANA transition recommendations. more

Google Public DNS Service Passes 70 Billion Requests Per Day, No Longer Experimental

Google reports that its "experimental" public DNS service launched in December of 2009 has now passed 70 billion requests a day and no longer considered experimental. From the announcement: "Google Public DNS has become particularly popular for our users internationally. Today, about 70 percent of its traffic comes from outside the U.S. We’ve maintained our strong presence in North America, South America and Europe, and beefed up our presence in Asia. We've also added entirely new access points to parts of the world where we previously didn't have Google Public DNS servers, including Australia, India, Japan and Nigeria." more

What’s in Your DNS Query?

Privacy problems are an area of wide concern for individual users of the Internet -- but what about network operators? Geoff Huston wrote an article earlier this year concerning privacy in DNS and the various attempts to make DNS private on the part of the IETF -- the result can be summarized with this long, but entertaining, quote. more

New Report on Performance Measurements of the DNS Root Service in China

Zhiwei Yan writes to report: "CNNIC recently lunched a monitoring to measure the performance of the DNS root service in China (mainland). The results reflect that the service diversity from different ISPs and different geographical locations is obvious for different root servers. Besides, the stability of the DNS root service is directly affected by the BGP routing system. CNNIC will continue this work and anticipate the wide participation from the community." more

Researchers Detail Faster Methods to Defeat Botnets Like Conficker and Kraken

Michael Cooney reporting in NetworkWorld: "Security researchers this week will detail a prototype system they say can better detect so-called Domain Name Generation- (DGA) based botnets such as Conficker and Kraken without the usual labor- and time-intensive reverse-engineering required to find and defeat such malware. The detection system, called Pleiades, monitors traffic below the local DNS server and analyzes streams of unsuccessful DNS resolutions..." more

A Look at ICANN’s Creation

My story begins in ancient times when dinosaurs ruled the earth. It was a time when you could download a movie onto your desktop computer through your 56k dial-up connection if you had a few days. It was a time when more people were on the Minitel in France than on the Internet globally and when the Republic of Korea could fit all of its internet users into one small hotel room. I know because I met them all in that room. more

How to Place Top-Level Domain Trust Anchors in the Root

The project to sign the DNS root zone with DNSSEC took an additional step toward completion yesterday with the last of the "root server" hosts switching to serving signed DNSSEC data. Now every DNS query to a root server can return DNSSEC-signed data, albeit the "deliberately unvalidatable" data prior to the final launch. Another key piece for a working signed root is the acceptance of trust anchors in the form of DS records from top-level domain operators. These trust anchors are used to form the chain of trust from the root zone to the TLD. more

The .ORG Debate Should be About What Its Users Want

I watch the controversy over the proposed sale of the .ORG domain with a mixture of bemusement and concern. Some in the ICANN community – mostly those who resent that the Internet ever became commercialized – oppose the sale of the Public Interest Registry to the for-profit company Ethos for $1.1 billion. The basis of their concern is that the domain for non-profits should be in the hands of a non-profit and that the new owners might increase the current $9.93 fee PIR charges for a domain. more

Minimized DNS Resolution: Into the Penumbra

Over the past several years, domain name queries - a critical element of internet communication - have quietly become more secure, thanks, in large part, to a little-known set of technologies that are having a global impact. Verisign CTO Dr. Burt Kaliski covered these in a recent Internet Protocol Journal article, and I'm excited to share more about the role Verisign has performed in advancing this work and making one particular technology freely available worldwide. more

A Look at the Rapid Evolution of the World’s DNS Infrastructure

A recent report by Pingdom looks at the booming growth of Internet's DNS infrastructure. From the article: "Five years ago there were 123 DNS root server sites (the "backend" of DNS) spread out on the Internet. Today there are more than twice as many, over 300. Five years ago, 46 countries had root servers. Today, 76 have them. In other words, not only has the number of root servers grown tremendously, but their geographical spread has increased as well. This is good news for the overall stability and performance of DNS worldwide." more

Domain Name Registrations Reach 215 Million, 5 Million Added in Q2

The latest Domain Name Industry Brief published by Verisign reports more than 5 million domain names were added to the Internet in the second quarter of 2011, bringing the total number of registered domain names to more than 215 million worldwide across all domains. The increase of 5.2 million domain names marks a growth rate of 2.5 percent over the first quarter. Registrations have grown by more than 16.9 million, or 8.6 percent, since the second quarter of 2010. more