DNS vulnerability, configuration errors can cause DDoS
Guest Post: An overlooked DNS vulnerability that, when combined with a configuration error, is leading to massive DNS traffic surges.
Tag: DNS
Notes from ICANN’s DNS Resolver Symposium
Resolver evolution, what users want, DNS tunnelling, and more from the recent Resolver Operator Forum.
How widely adopted is anycast in the DNS?
Guest Post: A handful of large operators have been behind a significant increase in the adoption of anycast in top-level and second-level domains since 2017.
Toward managing network traffic by domain name
Guest Post: A framework for monitoring traffic by domain name in the data plane by extracting the client IP, server IP, and domain name from DNS response messages and associating the domain name with data traffic.
Event Wrap: DNS-OARC 36
Geoff Huston presented at DNS-OARC 36, held online from 29 to 30 November 2021.
Notes from DNS-OARC 36
Slack’s DNSSEC debacle, NSEC problems, Measuring DNSSEC, and more from DNS-OARC 36.
NPM, encryption, and the challenges ahead: Part 2
Guest Post: Encryption forced NPM vendors to evolve. Part 2 of this series discusses NPM’s evolution, including synthetic testing as one recent advancement.
Help develop the DNS Data Dictionary
Guest Post: The DNS Data Dictionary seeks to map what is in existing relevant protocols and prevent divergence in new protocols.
Event Wrap: DINR 2021 Virtual Workshop
APNIC’s Geoff Huston presented on active vs passive DNS measurements at the DINR 2021 Virtual Workshop, held online from 16 to 17 November 2021.
Modern OSes are prone to side-channel-based DNS cache poisoning attacks
Guest Post: Researchers show how SAD DNS attacks allow an off-path attacker to inject malicious DNS records into a DNS cache.