Tracing the DDoS attack ecosystem from the Internet core
Guest Post: New method observes DDoS intensity by measuring infrastructure involved in attacks using IXPs.
Guest Post: New method observes DDoS intensity by measuring infrastructure involved in attacks using IXPs.
Guest Post: Are current practices of managing IP addresses, domains, certificates, and virtual platforms insecure?
Geoff Huston shared insights on the future of the DNS at the APAC DNS Forum, held online from 30 March to 1 April 2022.
Handling resolution failure, truncated responses, stateful hash-based DNSSEC signatures, and more.
Guest Post: There are two types of nameservers, and which one the term ‘nameserver’ refers to depends on the context.
Guest Post: Using the power of the DNAME record type, study shows DNS can express regular languages and pushdown systems.
Guest Post: By transferring pre-existing trust from the zone’s DNS operator, a new in-band solution would simplify and secure automation of DNSSEC deployment.
Geoff Huston presented on DNS openness at NANOG 84, held from 14 to 16 February 2022 in Austin, Texas.
Zone file bug hunting, Adaptive DNSSEC, failure behaviour in the DNS, and more from DNS-OARC 37.
Guest Post: DNS transparency is a gaping hole in Internet security.