Home / Industry

Afilias Secures Millions of Internet Domains from BIND 9 Vulnerability with DNS Diversity Strategy

Afilias, a global provider of Internet infrastructure services, today announced that its DNS network, which supports approximately 10 percent of the Internet's domain names, is secure from the recently announced BIND 9 vulnerability that could cause a denial of service (DoS) attack against DNS name servers. Afilias' network and customers are protected by its DNS diversity strategy, which avoids single points of failure like sole reliance on a single DNS resolution software such as BIND.

"Afilias has a fundamental security strategy in place across our DNS operations that integrates diversity at every layer of our infrastructure. Most critical to this strategy is ensuring diversity in DNS software," said Ram Mohan, Executive Vice President and Chief Technology Officer. "An organization can build bigger hardware or expand its geographic footprint, but by running a single type of DNS software, whether open source or proprietary, they will always be completely vulnerable to zero day exploits like the one revealed this week with BIND."

Afilias' DNS network runs both BIND and NSD, two popular, proven and open source DNS resolution software brands. Running both software products synchronously ensures that Afilias can simply remove one from production while it is patched or upgraded, ensuring seamless DNS resolution and 100 percent uptime. The same cannot be said of systems using a single flavor of software, whether open source or proprietary.

The BIND security vulnerability announced by ISC on July 28th, enables an attacker to send a specially crafted Dynamic Update request that can crash a DNS name server. All organizations running BIND 9 are required to upgrade their version to 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1. Afilias has already upgraded its version of BIND.
"Afilias supports large scale domains like .INFO and .ORG as well as our Managed DNS business, and serves billions of queries daily. Our DNS diversity strategy ensures that our network was never in jeopardy, and that the 15 million domain names we are responsible for were always accessible online," add Mohan.

Afilias has also published a new white paper entitled "5 Dimensions of Diversity: A Winning Strategy for Securing your DNS" which details its guidelines for how organizations can deploy diversity in their DNS networks to improve their security and reliability. The white paper can be downloaded here.

About BIND
Berkeley Internet Name Domain (BIND) is the industry standard software for domain name resolution services. In active service for over 20 years, BIND has survived the rapid expansion of the Internet and become more widely deployed than any other DNS software. As open-source software, unlike proprietary solutions, its code has been scrutinized, tested and battle-hardened by hundreds or thousands of programmers over the years.

About Afilias

Afilias

Afilias is the world's second largest domain registry, with more than 20 million names under management. Afilias powers a greater variety of top-level domains than any other provider, and will soon support hundreds of new TLDs now preparing for launch. Afilias' specialized technology makes Internet addresses more accessible and useful through a wide range of applications, including Internet domain registry services, Managed DNS and mobile Web services like goMobi® and DeviceAtlas®. Learn More

Related topics: DNS, Registry Services, Security

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Afilias Acquires Premium TLDs .ARCHI, .BIO and .SKI

Radix Adds Dyn as a DNS Service Provider

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

.STORE Grosses Over $1 Million Before the Close of Day 1

Dyn Partners with the Internet Systems Consortium to Host Global F-Root Nameservers

Verisign Announces .コム Domain Names Are Now Available for Anyone to Register

NBA & NFL Teams Drive .store Sunrise Score to 647

New TLD .STORE Crosses 500+ Sunrise Applications

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Meet Boston Ivy, Home to Some of the Most Specialized TLDs in the Financial Services Sector

Move Beyond Defensive Domain Name Registrations, Towards Strategic Thinking

Is Your TLD Threat Mitigation Strategy up to Scratch?

Verisign Launches New gTLDs for the Korean Market, .닷컴 and .닷넷

Verisign Opens Landrush Program Period for .コム Domain Names

Domain Management Handbook from MarkMonitor

i2Coalition to Host First Ever Smarter Internet Forum

Afilias Announces Relaunch of .GREEN TLD

Sponsored Topics

Port25

Email

Sponsored by
Port25
Verisign

Security

Sponsored by
Verisign
Afilias

DNS Security

Sponsored by
Afilias
Afilias - Mobile & Web Services

Mobile

Sponsored by
Afilias - Mobile & Web Services