DNS |
Sponsored by |
|
IPAM solutions are the source of truth for IP resources on the network, but when performing IPAM functions such as assignments, reconciliations, DNS updates, network plans, or Regional Internet Registry (RIR) requests, IPAM is often limited by its integration with an OSS. Operational teams can find it challenging to complete routine tasks without an integrated IPAM solution due to siloed data pools and swivel-chair environments. more
DNS Abuse and how to address it has been the topic of intense, often conflictual, and rarely conclusive discussions for many years, starting with the very definition of the term and the degree of responsibility bestowed upon DNS operators. In 2018, after several months of intersessional work, the Internet & Jurisdiction Global Conference brought together in Ottawa more than 200 key stakeholders to define a roadmap to address certain jurisdictional challenges on the Internet, including DNS abuse. more
There has been plenty of buzz and chatter on the Internet recently concerning a very large DDoS attack against CloudFlare, with coverage on their blog, the New York Times, and the BBC, among many others. While attacks of this nature are certainly nothing new, the scale of this attack was surprising, reported to hit 120Gbps. For a sense of scale, your average cable modem is only about 20Mbps, or about 0.016% of that bandwidth. more
The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC and Security Workshop on Wednesday, 06 November 2019, during the ICANN66 meeting held from 02-07 November 2019 in Montreal, Canada. The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. more
ICANN will not delay the launch of its much anticipated program to create hundreds, possibly thousands, of new Internet extensions, nor run a limited ‘pilot program’, as reported today by Kieren McCarthy of .Nxt. "Steve Crocker [ICANN's chairman] admitted that the organization’s Board will be holding a special meeting in the first week of January and that the meeting’s focus will be the launch of the new gTLD program the following week." However that meeting will not consider a delay or limited rollout option. more
In light of some changes contained in the most recent Applicant Guidebook as well as some of the proposed contractual provisions contained in the recent IANA Statement of Work, there is a potential growing justification to make some necessary last minute changes to the legal terms and conditions contained in Module 6 of the Applicant Guidebook. Specifically, the Governmental Advisory Committee (GAC) and its individual members have a clearly defined role in the new generic Top-Level Domains (gTLDs) process... more
Couple of weeks ago I started a new initiative called "Names, Numbers and Beyond". I started this as I genuinely think we are facing big issues due to the uncontrolled and non-standard growth of the IP and Name space used today and tomorrow. To keep in control and make everything manageable, parcelling out IP address space and the use of tight naming standards/policies is necessary to make networks work better and make them achievable. more
Kieren McCarthy reporting in the Register: "The US government has posted a step-by-step guide to how it authorizes changes to the internet's root zone -- the heart of the world's domain-name system. The 16-page slide deck published by the Department of Commerce's National Telecommunications and Information Administration (NTIA) sheds light on what has been a contentious and largely secret process for the past 15 years." more
Last week, millions of infected devices directed Internet traffic to DNS service provider Dyn, resulting in a Distributed Denial of Service (DDoS) attack that took down major websites including Twitter, Amazon, Netflix, and more. In a recent blog post, security expert Bruce Schneier argued that "someone has been probing the defences of the companies that run critical pieces of the Internet". This attack seems to be part of that trend. This disruption begs the question: Can we trust the Internet? more
If there's one simple - high impact - thing you could do to quickly check whether your network has been taken over by a criminal entity, or uncover whether some nefarious character is rummaging through your organizations most sensitive intellectual property out of business hours, what would it be? In a nutshell, I'd look to my DNS logs. It's staggering to me how few security teams have gotten wise to regularly interrogating the logs from their recursive DNS servers. more
Wikipedia defines a Mexican standoff as "a confrontation in which no strategy exists that allows any party to achieve victory. As a result, all participants need to maintain the strategic tension, which remains unresolved until some outside event makes it possible to resolve it." This would be an apt way to describe what may be possibly occurring presently between the Internet Corporation for Assigned Names and Numbers (ICANN) and its largest ratepayer, VeriSign. more
Today the DNS Abuse Institute (“DNSAI” or the “ Institute”) adds a new level of reporting for our measurement project: DNSAI Compass™ (“Compass”). With this new level of reporting, we intend to show the spectrum of how malicious phishing and malware is distributed across the DNS registration ecosystem.1 To demonstrate this, we are identifying registrars and TLDs with high and low volumes of malicious domain registrations in their Domains Under Management (DUM), or new registrations. more
Want to learn more about the current state of DNSSEC? Want to see demos of new software to secure email? Curious about the potential impact of the Root Key Rollover happening this year? Next week in Copenhagen, Denmark, ICANN 58 will include some great technical info about DNSSEC and DANE happening in several sessions. Here is the plan... more
A DNSSEC failure plunged hundreds of Russian-language websites into darkness on Tuesday evening, rendering .ru and .рф domains inaccessible. The outage affected users both within and outside Russia, with major platforms such as Tinkoff Bank, Avito, Wildberries, Yandex, and MTS experiencing disruptions. more
Every few months, an important ceremony takes place. It's not splashed all over the news, and it's not attended by global dignitaries. It goes unnoticed by many, but its effects are felt across the globe. This ceremony helps make the internet more secure for billions of people. This unique ceremony began in 2010 when Verisign, ICANN and the U.S. Department of Commerce's National Telecommunications and Information Administration collaborated... more
A World-Renowned Source for Internet Developments. Serving Since 2002.