DNS

Sponsored
by

DNS / Recently Commented

Commerce Department: Headed Toward ICANN 3.0?

The NTIA has published a Notice of Inquiry, Assessment of the Transition of the Technical Coordination and Management of the Internet's Domain Name and Addressing System, in advance of the expiration of the Joint Project Agreement in September 2009. The document outlines the history and evolution of the Memorandum of Understanding (MOU) between the Department of Commerce (DoC) and ICANN, and the questions posed cover fairly standard territory. However, the following might be worth paying attention to... more

Global DNS SSR Recap

This past February, around 100 DNS industry experts met in Atlanta, GA for the "The Global DNS Security, Stability, & Resiliency Symposium." Organized by ICANN and hosted by Georgia Tech, this event was to strengthen personal relationships between operators and review what we know about the DNS infrastructure... The content included three breakout groups over two days: Enterprise Use of DNS, DNS in Resource Constrained Environments, and Combating Malicious Use of DNS... more

A Few More Thoughts on Email Authentication… errr… Trust

Mike Hammer's thoughtful article, A Few Thoughts on the Future of Email Authentication, should trigger thoughtfulness in the rest of us. Email abuse has been around a long time. Anti-abuse efforts have too. Yet global abuse traffic has grown into the 90+% range, with no hint of trending downward. The best we hear about current effectiveness is for last-hop filtering, if you have the money, staff and skills to apply to the problem... more

Is It Time to Supplement Desktop Security Protections?

Internet users are acutely aware of their exposure on the Internet and clearly concerned about their safety. Increased downloads of scareware as Conficker made headlines in the mainstream media are only the latest evidence. Desktop software is often viewed as a one-stop shop for fighting Internet threats such as viruses, worms and other forms of malware and phishing. These solutions have served us well but more protections are needed to address the dynamic and increasingly sophisticated web based exploits being launched... more

Why DNS Is Broken, Part 1: Trust

So this Internet thing, as we discussed in our last article, is broken. I promised to detail some of the specific things that are broken. Implicit trust is the Achilles heel of the Internet... All of the communication between the resolver and the DNS server is in plain text that can be easily seen and changed while in transit, further, the resolver completely trusts the answer that was returned... more

DNS Insecurity

The Internet as we know it and use it today -- is broken, badly broken. Yes broken so much so that we are really crazy to have any expectations of privacy or security. Yes, really. The Internet was conceived as somewhat of a utopian environment, one where we all keep our doors, windows and cars unlocked and we trust all the people and machines out there to "do the right thing...". more

Will ENUM Deliver?

ENUM (E.164 NUmber Mapping) is a technology that has been around for a little while that has promised much and, so far, delivered little to the average user. As Nominet has recently been awarded the contract to administer the UK 4.4.e164.arpa delegation, I thought it was time that I put my thoughts on this subject down in writing. I'm going to cover the potential of ENUM in the telecoms industry and what it could mean to you, along with how it is currently being used and what potential security issues surround ENUM. more

The DNSSEC Industry Coalition Meets to “Make It So”

The DNSSEC Industry Coalition conducted its first face to face meeting on Friday, March 13, 2009 at Google's Washington, DC office. Google's fun filled meeting room was packed with organizations that share a keen interest in DNS Security through the implementation of DNSSEC. more

This Is Not Your Father’s Traceroute Tool

Traceroute is a network tool that helps determine the path packets take as they travel from one location to another, identifying all of the "hops" along the way. I wonder why they are called hops*? Almost all operating systems have traceroute utilities built in. The command is just that "traceroute", Windows systems abbreviate the command as "tracert" to deal with the 8.3 file naming convention of old... So, let's look at what information traceroute gives you. more

Recursive DNS and You

In the world of DNS, there are two types of DNS servers, 'recursion disabled' and 'recursion enabled'. Recursion disabled servers, when asked to resolve a name, will only answer for names that they are authoritative for. It will absolutely refuse to look up a name it does not have authority over and is ideal for when you don't want it to serve just any query. It isn't, however, very useful for domains you don't know about or have authority over... more

National Domain Registry Nominet Launches UK ENUM

Nominet, the national registry for .uk domain names, has announced that ENUM, a registry service combining UK telephone numbers and the Domain Name System (DNS) for VoIP calls, is live. ENUM, also known as Telephone Number Mapping, is expected to allow companies and their customers and suppliers to make free or cheaper calls. In addition to the cost savings, other value-added features that ENUM is expected to provide for corporate communications include 'follow me' type function that will allow an individual to choose how (voice, fax, mobile, email, text messaging, location-based services and websites), and when they would like to be contacted throughout the day. more

The DNSSEC Groundswell

It's been 15 long years since the standard for DNSSEC was developed and sadly adoption has been painfully low until recently, thanks to Dan Kaminsky, the infamous Internet Researcher who indentified that gaping hole in the DNS. The discovery of the fundamental flaw in DNS sparked industry wide attention! Every day, we move a little closer to widespread DNSSEC adoption, so I thought I'd take a moment and highlight some of the most notable milestones... more

24 Million Domain Names Registered in 2008, Total Reaching 177 Million Worldwide

According to a new report, the number of domain names increased by 24 million globally in 2008 increasing the total to 177 million domain name registrations across all of the Top Level Domains (TLDs). This represents 16% growth over the previous year, reports the latest Domain Name Industry Brief published by VeriSign. It is also noted that the last quarter of 2008 saw more than 10.1 million new domain names registered across all TLDs. This reflects a slower growth in new registrations with a decline of 12% from the third quarter 2008 and 17% from the same quarter in the previous year. more

What Would You Like to Ask at the ICANN Public Fora in Mexico City?

ICANN has its 34th international public meeting in Mexico City on 1-6 March i.e. in just over a fortnight. One of the consistent concerns I hear in my role as general manager of public participation for the organization is that there is not a way for people to ask questions to the staff and the Board. I don't think that's really true but I do accept that the formats used are not liked by a large number of people... more

X-Force Report: Corporations Becoming No. 1 Security Threat to Their Own Customers

With the alarming increase in cyberattacks, criminals are literally turning businesses against their own customers in order to steal consumer's personal data, warns the latest annual X-Force Trend and Risk report from IBM. "The security industry puts a lot of effort into the technical evaluation of security threats, examining, sometimes at great length, the potential threat that each issue might present to corporations and consumers. Criminal attackers out for profit, however, have considerations that the security industry does not always take into account, such as monetization cost and overall profitability." more