Extra Feeds & Services »

Home / Industry

DNSSEC FUD Buster: DNSSEC is Not Necessary?

  • Nov 06, 2008 12:55 AM PDT
  • Views: 2,199
Print
By PIR
PIR

.ORG, The Public Interest Registry is pleased to announce the next guest blogger for our DNSSEC FUD Buster series. Ram Mohan is the Executive Vice President, & Chief Technology Officer of Afilias Limited. Ram has led the strategic growth initiatives at Afilias Limited in registry services and security as well as new product sectors such as RFID/Auto-ID, global DNS and Internationalized Domain Names (IDNs). He joined the ICANN Board of Directors in November 2008 as a non-voting liaison from the Security and Stability Advisory Committee (SSAC), a Board advisory committee comprised of Internet pioneers and technical experts including operators of Internet root servers, registrars, and Top-Level Domain (TLD) registries. Ram will provide valuable information to our readers on the importance of DNSSEC.

I hear some talk out there that DNSSEC is not necessary. This is troubling to hear for someone in my role as a CTO in a technology company working on critical infrastructure. DNSSEC is an addition to the existing Domain Name System (DNS) protocols. It is designed to add security to the DNS by protecting the Internet from specific attacks, namely data modifications (a.k.a. cache poisoning) and traffic hijacking. DNSSEC adds origin authentication of DNS data and authenticated denial of existence. If you run a large or medium sized enterprise, are using or plan to use Service Oriented Architectures (SOAs) or Cloud/Grid computing, you depend upon having servers and services accessible and available—and that the RIGHT service provider will respond to your website and email traffic.

Without DNSSEC, users accessing your critical services hosted on a cloud somewhere can be hijacked and taken elsewhere without their knowledge or control.

Imagine having services sitting on a SoA platform, with access to these services being mimicked by a hacker who redirects your users and steals critical information and causes your organization reputational (and financial) harm.

The bottom line is that without DNSSEC, no website or email is safe from a potential traffic hijacking. Internet security researcher Dan Kaminsky proved it can be done in just a few seconds.


Related topics: DNS, DNSSEC, Domain Registries, Security, Top-Level Domains

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print

Industry Updates – Sponsored Posts

Latest Brandjacking Index Examines How Fraudsters Abuse Financial Brands

NeuStar Addresses DNS Vulnerability with Cache Defender, a Secure DNS Authentication System

NeuStar Celebrates 10 Years of UltraDNS Managed DNS Service

A Seemingly Overwhelming Number of Important Documents Released by ICANN

.ORG First Open Top-Level Domain to be Signed with DNSSEC

  • By PIR
  • Views: 860

DNSSEC Industry Coalition Symposium is Announced

  • By PIR
  • Views: 908

dotMobi Names AutoTrader.mobi as Millionth Site Tested by Acclaimed mobiReady Tool

NeuStar's UltraDNS to Power Growth of NDTV Convergence

SPIL GAMES Chooses MarkMonitor for Global Domain Management

Mobile Banking Benchmarks Now Available

Facebook Selects MarkMonitor Antifraud Solutions to Combat Malware

Perspectives from a Nonprofit Domain Name Registry on Navigating the Social Media Frontier

  • By PIR
  • Views: 1,857

Flawed Economic Analysis of New gTLDs

Benchmarks that Measure Five Critical Dimensions of Success for Mobile Websites

MarkMonitor AntiFraud Solutions, Combining Proven Antiphishing and Expert Antimalware Capabilities

Go Daddy Launches Instant Mobilizer from dotMobi

New Study of Mobile Web Trends Demonstrates Strong Growth of Mobile Content Availability

Identify Infringing Domains to Optimize Online Search Marketing Spend

dotMobi Announces Launch of First Two-Letter Mobile Domain by Nevada Commission on Tourism

DomainPeople Opens .Tel General Registration with Prices that are 90% from Landrush Rate

View More