Home / Industry

Afilias Secures Millions of Internet Domains from BIND 9 Vulnerability with DNS Diversity Strategy

Afilias, a global provider of Internet infrastructure services, today announced that its DNS network, which supports approximately 10 percent of the Internet's domain names, is secure from the recently announced BIND 9 vulnerability that could cause a denial of service (DoS) attack against DNS name servers. Afilias' network and customers are protected by its DNS diversity strategy, which avoids single points of failure like sole reliance on a single DNS resolution software such as BIND.

"Afilias has a fundamental security strategy in place across our DNS operations that integrates diversity at every layer of our infrastructure. Most critical to this strategy is ensuring diversity in DNS software," said Ram Mohan, Executive Vice President and Chief Technology Officer. "An organization can build bigger hardware or expand its geographic footprint, but by running a single type of DNS software, whether open source or proprietary, they will always be completely vulnerable to zero day exploits like the one revealed this week with BIND."

Afilias' DNS network runs both BIND and NSD, two popular, proven and open source DNS resolution software brands. Running both software products synchronously ensures that Afilias can simply remove one from production while it is patched or upgraded, ensuring seamless DNS resolution and 100 percent uptime. The same cannot be said of systems using a single flavor of software, whether open source or proprietary.

The BIND security vulnerability announced by ISC on July 28th, enables an attacker to send a specially crafted Dynamic Update request that can crash a DNS name server. All organizations running BIND 9 are required to upgrade their version to 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1. Afilias has already upgraded its version of BIND.
"Afilias supports large scale domains like .INFO and .ORG as well as our Managed DNS business, and serves billions of queries daily. Our DNS diversity strategy ensures that our network was never in jeopardy, and that the 15 million domain names we are responsible for were always accessible online," add Mohan.

Afilias has also published a new white paper entitled "5 Dimensions of Diversity: A Winning Strategy for Securing your DNS" which details its guidelines for how organizations can deploy diversity in their DNS networks to improve their security and reliability. The white paper can be downloaded here.

About BIND
Berkeley Internet Name Domain (BIND) is the industry standard software for domain name resolution services. In active service for over 20 years, BIND has survived the rapid expansion of the Internet and become more widely deployed than any other DNS software. As open-source software, unlike proprietary solutions, its code has been scrutinized, tested and battle-hardened by hundreds or thousands of programmers over the years.

About Afilias


Afilias is the world's second largest domain registry, with more than 20 million names under management. Afilias powers a greater variety of top-level domains than any other provider, and will soon support hundreds of new TLDs now preparing for launch. Afilias' specialized technology makes Internet addresses more accessible and useful through a wide range of applications, including Internet domain registry services, Managed DNS and mobile Web services like goMobi® and DeviceAtlas®. Learn More

Related topics: DNS, Registry Services, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Radix Launches Startup League at TechCrunch

Celebrating One Year of .online

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Afilias Acquires Premium TLDs .ARCHI, .BIO and .SKI

Radix Adds Dyn as a DNS Service Provider

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

.STORE Grosses Over $1 Million Before the Close of Day 1

Dyn Partners with the Internet Systems Consortium to Host Global F-Root Nameservers

Verisign Announces .コム Domain Names Are Now Available for Anyone to Register

NBA & NFL Teams Drive .store Sunrise Score to 647

New TLD .STORE Crosses 500+ Sunrise Applications

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Sponsored Topics


DNS Security

Sponsored by


Sponsored by


Sponsored by
Afilias - Mobile & Web Services


Sponsored by
Afilias - Mobile & Web Services