IP fragmentation and the DNS — mitigation
Guest post: How to lower the risk of fragmentation-based DNS attacks.
Tag: DNSSEC
Improving SSH’s security with SSHFP DNS records
Guest Post: Measuring the prevalence of SSHFP records among DNS domain names.
Event Wrap: mnNOG 4
APNIC presented on IPv6 and conducted training at mnNOG 4, held from 23 to 27 October 2022 in Ulaanbaatar, Mongolia.
Notes from DNS-OARC 39
KINDNS, DNSSEC deployment risks, fourteen years in the life of A-Root, DNS at the IETF, and more from DNS-OARC 39.
DNSSEC validation: Performance killer?
Guest Post: Are computer resources handicapped by DNSSEC validation?
[Podcast] DNS spoofing is a non-issue if we all do DNSSEC
DNS spoofing is a growing problem that can be stopped with a range of countermeasures or just DNSSEC.
Notes from IETF 114
ROV measurement, DANE Portal, IPv6 extension headers, congestion control, and more topics of interest from IETF 114.
Notes from DNS-OARC 38
DoQ for authoritative servers, DNS spoofing countermeasures at Google, the cost of DNSSEC validation, and more from DNS-OARC 38.
Addressing the challenges of modern DNS
Guest Post: A comprehensive look at real world deployments and open challenges.
[Podcast] Why a resolverless DNS makes sense
PING E15: Server push, combined with DNSSEC could help make DNS resolvers a thing of the past.