Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / Blogs

How to Prepare for the Day When Your Domain(s) Are Misbehaving

Chris Griffiths

For a number of years, there have been many different high profile incidents where major websites were defaced, taken offline, or crippled due to issues related to their domain registration. Last night, there was an incident where several high profile domains went offline due to issues at their registrar, and they are now coming back online after what I am sure was a few crazy hours for their operations teams and management. (Network Solutions released a statement Thursday afternoon that the attack wasn't malicious.)

Whether through social engineering hacks, defacements, or through operational errors, managing domain portfolios needs consistent management, and a well thought out plan to deal with worst case scenarios. I have spent a number of years designing for these worst case scenarios for many large domain portfolios, and I wanted to provide some high level guidance for domain owners and administrators on how to effectively prepare for such incidents.

Ensure That Your Organization Has A Well Thought Out Plan To Deal With A Domain Failure

Domain failures do happen whether from human error, hijacking, etc. Ensuring that the domain owners' organization has a plan to deal with a failure is critical, and this plan should be shared with the proper areas of the organization so everyone knows how to react when an issue comes up. I would also recommend reviewing this plan yearly at minimum in order to ensure that all people and processes are in alignment with the plan and adjust it accordingly as things can and will change over time.

Know The Right People And Organizations To Contact

When an emergency hits, making sure you have the correct contacts for escalations is key. Whether it's your registrar or your DNS provider's contacts, or your internal teams and escalation points of contact, every minute counts when there is an outage. Make sure you have an updated contact list for anyone that can assist in restoring your domain(s) and services. Also, make sure that your registrar and DNS provider has your organization's contact information and escalation list.

Do Not Use A Single Person To Manage Your Domains

This may seem like a simple concept, but having one person who controls everything can lead to a single point of failure, and open your domains up to various failures when and if that person can no longer participate in the management of the domains. Instead, use a chain of custody for your domains by utilizing several layers of people to approve and implement changes. This allows for multiple people failures (people out on vacation, sick time, etc).

Connect With People And Organizations That Can Help

There are many great people and organizations that work in the domain and DNS industry. Make sure you connect with them so that when, and if, a situation arrives, you can reach out to them for assistance, and in turn, they may just reach out to you as well. They all hold meetings throughout the year and have active email lists that you can participate in. It is a great way to get to know people and companies in the industry, and the relationships you build may come in handy at some point: ICANN, NANOG, RIPE, DNS-OARC

By Chris Griffiths, VP, Labs for Dyn
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

Mobile Internet

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

IP Addressing

Sponsored byAvenue4 LLC

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.