As a registrar at the front end of the DNSSEC deployment effort, our technical team has made a sustained investment in DNSSEC deployment so that our customers don't get overwhelmed by this wave of changes to the core infrastructure of the Domain Name System. Along the way, we've learnt a lot about how to implement DNSSEC which might hold useful lessons for other organizations that plan to deploy DNSSEC in their networks.
Let's start by stating the obvious: All business communications depend on IP addresses. Without an IP address, you simply can't communicate over the network. No IP address means no access to your email server, no access to your website, and no cell phone or VoIP access. So much for the new VoIP system installed last month. What does that mean to you?
The first step (but certainly not the last) towards saving the internet from spam, malware, and other abuse is to keep your own network clean. A friend of CAUCE, who wishes to remain anonymous, offers these tips and resources to help you identify problem traffic emanating from your network, and clean it up. Though primarily written for ISPs, many of the items below should apply equally well to any network owner.
The Washington Post had a good article up yesterday capturing comments issued by the United States military that it has the right to return fire when it comes to cyber attacks... This is an interesting point of view, and it extends from the United States's policy that if it is attacked using conventional weapons, it reserves the right to counter-respond in kind. This has been a long-accepted precept governing US foreign military policy for generations. Yet cyber attacks are different for a couple of reasons...
You may have seen media reports a few weeks ago describing how servers behind the so-called Great Firewall of China were found delivering incorrect DNS information to users in the rest of the world, thereby redirecting users to edited Web pages. Reports indicate that this apparently occurred due to a caching error by a single Internet Service Provider. While the problem was fairly limited in scope, it could have entirely been prevented in a world where DNSSEC was fully deployed.
In mid-March, a special plenary session of the Canadian standards committee ISACC was convened in Ottawa to review the final report of the Canadian IPv6 Task Group. It was unanimously approved, and the essence of its 66 pages is seven recommendations for Government, Industry, Service and Content providers, and the regulator, CRTC, to proceed with diligence, even some sense of urgency. One paragraph provides an interesting new twist...
The POPClock tells us that there are 6,807,230,170 of us on this planet when I looked it up at 22:26 UTC (EST+5) Feb 26, 2010. In the meantime we are about to connect the 5 billionth cell phone user this year according to ITU Secretary-General Dr. Hamadoun Toure.
Last week, Czech researchers released information on a new worm which exploits CPE devices (broadband routers) by means such as default passwords, constructing a large DDoS botnet. Today this story hit international news... Insecure broadband modems (DSL and Cable) are extremely widespread, with numerous ISPs, large and small, whose entire (read significant portions of) broadband population is vulnerable.
All the talk early this year seems to be about LTE deployment to alleviate the chronic indigestion, induced by Apple and other smartphones, on AT&T and other major mobile networks swamped by data traffic. The telluric shift, albeit one the user will not care about or should not notice, is that when he or she powers on that smartphone, or whatever the communicating Swiss Knife will be called, it will request an IP address to complete an IP-based call.
It might seem a little strange, but in the current economics of the market in registration of DNS names it appears that the set of names that are not "visible," or at least not associated with any dedicated network service point, represents a far larger set, and has a far higher total value to the DNS name registration industry, than the set of network-visible service endpoint domain names. In other words, there appears to be a larger and more valuable market for names that do not exist than for names that do.