Kaminsky Calls For DNSSEC Adoption

The much-debated protocol to help secure the Domain Name System received a big boost today when DNS security guru Dan Kaminsky said the industry must adopt the DNSSEC protocol.Kaminsky, who discovered the now-infamous big DNS flaw last year and got the vendor community to patch it, had for some time mostly dismissed DNSSEC as a DNS security solution. But after studying the specification more closely, Kaminsky — who discussed his newfound support for DNSSEC here during his Black Hat DC presentation — said DNSSEC could remedy some of DNS’ security weaknesses.
http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=214501924Kaminsky: DNS Is Still in Danger
Security researcher Dan Kaminsky is a man with a mission. His goal: to warn the world about the dangers that still persist in the Domain Name System, or DNS (define), in spite of having earlier sounded the alarm on a widespread vulnerability.
http://www.internetnews.com/infra/article.php/3804511Permanent fix needed for DNS security issues, Kaminsky warns at Black Hat
Seven months after the disclosure of a fundamental design flaw in the Domain Name System protocol that was discovered by security researcher Dan Kaminsky, industrywide efforts to address the DNS problem have made considerable headway, according to Kaminsky.Even so, Kaminsky, who works at security services firm IOActive Inc., said this week that the time may have come for IT vendors and users to consider broad adoption of the more-permanent security protections offered by DNS Security Extensions, or DNSSEC, technology.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9128356Security researcher Kaminsky pushes DNS patching
Dan Kaminsky, who for years was ambivalent about securing DNS, has become an ardent supporter of DNS Security Extensions.Speaking at the Black Hat DC 2009 conference Thursday, the prominent security researcher told the audience that the lack of DNS security not only makes the Internet vulnerable, but is also crippling the scalability of important security technologies.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.