Modern OSes are prone to side-channel-based DNS cache poisoning attacks
Guest Post: Researchers show how SAD DNS attacks allow an off-path attacker to inject malicious DNS records into a DNS cache.
Tag: DNS
NPM, encryption, and the challenges ahead: Part 1
Guest Post: Encryption and cloud adoption are creating hurdles for network performance monitoring vendors. To survive, solutions must evolve or die.
Adoption of DNS security mechanisms related to ease-of-use, cost
Guest Post: Study shows ease-to-deploy and cost are important factors when it comes to using DNS security mechanisms.
Notes from DINR 2021
Presentations at DINR 2021 demonstrated a world of detail and complexity in current DNS research.
DNS at IETF 112
Geoff Huston on currently active IETF DNS discussion.
Notes from NANOG 83
Presentations on famous Internet outages, Internet control, anycast, and the future of IPv6.
RSA vs ECDSA for DNSSEC
Measuring whether we should use ECDSA.
DNS-over-TCP considered vulnerable
Guest Post: There are several ways attackers can force TCP to fragment for inclusion in IP fragmentation attacks.
DNSSEC provisioning automation with CDS/CDNSKEY in the real world
Guest Post: How DNSSEC Delegation Trust Maintenance can be automated via the DNS itself.
DNS openness
The evolution of the DNS reflects broader market pressures in the Internet at large.