Tag Archives: DNS

DNS cache poisoning ready for a comeback: UC Riverside Researchers

[news release] A group led by UC Riverside computer security researchers unveiled discovery of a series of critical security flaws that could lead to a revival of DNS cache poisoning attacks this week at the 2020 ACM SIGSAC Conference on Computer and Communications Security. The attack succeeds by derandomising the source port and works on all layers of caches in the DNS infrastructure, such as forwarders and resolvers. 

Continue reading DNS cache poisoning ready for a comeback: UC Riverside Researchers

Paul Mockapetris receives Software System Award for development of DNS

The Association for Computing Machinery (ACM) named Paul Mockapetris recipient of the 2019 ACM Software System Award for the development of the Domain Name System (DNS), according to an announcement from the Viterbi School of Engineering at the University of Southern California.

Continue reading Paul Mockapetris receives Software System Award for development of DNS

DNS What? Celebrating 30 Years of a Technology That You Use Every Day and Don’t Know It by Paul Mockapetris

When the domain name system (DNS) was developed in 1983 it was viewed as a way of “making it possible for people to create and use domain names for the things they wanted to access instead of numerical addresses,” writes Paul Mockapetris, Chief Scientist and Chairman, Board at Nominum.But today the DNS is used for a myriad of applications. Not just the obvious web addresses and emails, but also “invisibly by applications inside our phones and laptops, meaning we are enjoying it without even knowing it. Network providers like Verizon and Comcast also analyze DNS traffic to identify cyber security threats, or build service delivery platforms layered atop the DNS to create personally tailored Internet experiences for individual users.”Even Mockapetris is surprised at how integral the DNS has become to our lives, writing that he “couldn’t know then — in the early days of the Internet — just how vital the DNS would be in our every day interactions, or all of its roles in advancing the Internet user experiences we are seeing today. But the DNS, like all good technologies, was designed to explore new frontiers and not be put to one particular use. Its design was purposely extensible.”The article gives five common ways that DNS touches our lives. To check out these five ways and the article in full in the Huffington Post, go to www.huffingtonpost.com/paul-mockapetris/dns-what-celebrating-30-y_b_3211030.html.

Anonymous Threat To DNS Appears To Pass Without A Hitch

A threat to attack the Domain Name System on 1 April by Anonymous seems to have not occurred with few major signs of an attack, according to a report in the New York Times.

According to the report, Anonymous hackers had threatened six weeks ago to attack that system, which converts domain names into numeric addresses that computers use. The result of the threat was a “global multimillion-dollar effort to strengthen the Domain Name System in recent weeks.”

“This is kind of anticlimactic,” Bill Woodcock, whose nonprofit Packet Clearing House has been part of that campaign, told the New York Times. “That was kind of the goal.”

“One person monitoring traffic over one of the 13 root servers that are part of the Domain Name System said there was only a five-minute spike in traffic at midnight Friday Greenwich Mean Time after which network traffic seemed to have subsided; the person spoke on condition of anonymity because of the delicate nature of his job to maintain Internet infrastructure,” the Times continued.

To read this report in The New York Times in full, see:
www.nytimes.com/2012/04/01/technology/no-signs-of-attack-on-internet.html

To read an earlier New York Times report, see:
www.nytimes.com/2012/03/31/technology/with-advance-warning-bracing-for-attack-on-internet-by-anonymous.html

.РФ Internationalised Domain Name will translate DNS in Russian

16 November 2009 – the day Russian Federation officially applied for Cyrillic domain .РФ (.RF) to ICANN. This event was preceded by two years of collaboration between ICANN, Russian government, local internet-society and key market players.The great beginning…Russian language has quite long history in DNS. First domain names in Cyrillic appeared in 2001 – as a test prior to introduction of second- and third-level IDNs (Internationalized domain names) they were registered by VeriSign in .COM and .NET. For example, there was a domain Кремль.com, analog to Latin Kremlin.com.In 2003, after IDNs were approved by ICANN and became available in various ccTLDs and gTLDs, the idea of Cyrillic domain names in .RU (Russian national TLD) emerged. To 2006 it was close to realization, but small incompleteness in the rules of registration of non-Latin domain names in .RU caused splash of cybersquatting. The fact was that the owners of .RU domains in Latin could pretend on graphically similar names in Cyrillic. This mistake compelled Russian registrars and then Coordination Center for TLD RU (registry for .RU) to declare against non-Latin names in Russian national domain. The final decline of the idea in the middle of 2007 was also caused by new initiative of ICANN – introduction of IDN top-level domains.In April 2008 just elected President Dmitry Medvedev got to know about this possibility in near future and declared creation of national Cyrillic TLD as a key priority for Internet development in Russia. Of course, such words speeded up Russian government’s activities in getting the IDN TLD. In June 2008 Russia sent to ICANN official letter of interest, which stated intentions of the country to get national non-Latin domain as soon as possible.Prior to this letter several polls were hold by local registrars and Coordination center for TLD RU intended to feel Russian internet-users’ out on the idea of introduction of Cyrillic domain zone. In particular, in such survey organized by RU-CENTER participated more than 10 000 users and about 60% of them said “yes” to Russian non-Latin top-level domain.But that time in Russia there were also enough people who didn’t understand the reason for creation of national IDN TLD. Due to the lack of information about this initiative they thought this domain might separate the country from global Web. Also they were afraid of cybersquatting and technical problems that in their opinion might occur after the appearance of Cyrillic symbols to DNS. Of course, most of their arguments against top-level IDNs were incorrect. For example, the idea that introduction of non-Latin TLD is a good chance for Russian government to build local Internet easy to control has nothing common with reality – web-sites in Cyrillic domain will be available from all over the world. Of course it will be hard to access them without Cyrillic keyboard, but in this case virtual keyboard might be easily downloaded and installed. It’s also important to mention, that all modern browsers support non-Latin domain names, so there is no threat they will be unavailable.Except the discussion about expediency of creation Cyrillic TLD, another one dispute emerged about possible designation of the domain. The main proposal was to use a combination of symbols “РФ” (RF) for this purpose, but some users had different opinion. They thought it would be better to call Russian top-level IDN “РУ” – this name is full Cyrillic analog to ccTLD RU. But such label could not be used, because written in small letters it was graphically similar to .py, Latin country-code domain of Paraguay. So, in case Russian .РУ had been approved, a huge risk of cybersquatting would have appeared. Also this designation had no chances to be chosen because it didn’t suite the rules, ICANN developed for IDN ccTLDs. First of all “РУ” didn’t contain unique Cyrillic symbols, and secondly it had no sense to local internet-society.In the long run “РФ” became the official name for Russian national top-level non-Latin domain. It happened in October 2008, when Russia filed prior application to ICANN on the issue. In that document Coordination center for TLD RU was proposed as a registry for Cyrillic TLD.During 2009 this organisation prepared technical and legal base for delegation domain .РФ (.RF) to Russia. On the 16 of November 2009 all documents necessary for introduction Russian IDN TLD were transferred to ICANN to be considered according to Fast Track process. The registration process in .РФ will start even before Russian application will be approved – on 25 November, 2009. According to plans of Coordination Center for TLD RU Russian non-Latin top-level domain will be delegated by IANA in the beginning of 2010.What’s next?To prevent cybersquatting from 25 November, 2009 to 25 March, 2010 names in .РФ will be available for registration only to Russian trademark owners. At this time domains in Cyrillic top-level IDN will be also reserved for governmental bodies.From 8 April, 2010 registration will be opened to everyone. It starts with “Holland auction”: the price for the domain names will be high in the beginning, reducing step by step to the usual price. This step is taken to provide fair distribution of most valuable domain names.The cost of registration in .РФ will come down to standard to July 2010 and will be the same as in ccTLD .RU or even lower. For the first year in Cyrillic TLD about 500 000 domains may be registered.The introduction of IDN .РФ will make Internet more convenient for Russian-speaking people, who will be able to type habital Russian words in address bar directly in Cyrillic without necessity to remember correct Latin transcripts of them. This opportunity will be especially useful for people who do not know English well: addresses in Russian make Web for them quite easy to access. It’s important for Russian authorities, who plan to provide all governmental services via Internet in the future.In such circumstances it’s no surprise that Russia has very strong motivation to get TLD .РФ. And today the country is as close to success in its aspiration, as it has never been before.The article was prepared by RU-CENTER, Russian domain name services provider, the biggest registrar in ccTLDs RU, SU and the accredited registrar in IDN TLD .РФ.

BIND 9.5

Written in .internetnews.com

Though DNS (define), the Domain Name Service that translates domain names into IP addresses, has been in use for 25 years, there is always room for it to improve.

The same is true for BIND (Berkeley Internet Name Domain), which has been around since 1985 and is widely considered the pre-eminent DNS server.

With the release of BIND 9.5 this week, the open source DNS server takes another step forward with new statistics, improved ActiveDirectory support and support for DHCID (Dynamic Host Configuration Protocol Information).

The improvements suggest that innovation in DNS marches on, as well as timing. The latest BIND 9.5 follows the BIND 9.4 release by nearly 15 months. Before that, the release between previous versions took about three years.

To further read the article : http://www.internetnews.com/dev-news/article.php/3752341/Room+for+More+in+BIND+DNS+Release.htm