Home / Industry

Afilias Secures Millions of Internet Domains from BIND 9 Vulnerability with DNS Diversity Strategy

Afilias, a global provider of Internet infrastructure services, today announced that its DNS network, which supports approximately 10 percent of the Internet's domain names, is secure from the recently announced BIND 9 vulnerability that could cause a denial of service (DoS) attack against DNS name servers. Afilias' network and customers are protected by its DNS diversity strategy, which avoids single points of failure like sole reliance on a single DNS resolution software such as BIND.

"Afilias has a fundamental security strategy in place across our DNS operations that integrates diversity at every layer of our infrastructure. Most critical to this strategy is ensuring diversity in DNS software," said Ram Mohan, Executive Vice President and Chief Technology Officer. "An organization can build bigger hardware or expand its geographic footprint, but by running a single type of DNS software, whether open source or proprietary, they will always be completely vulnerable to zero day exploits like the one revealed this week with BIND."

Afilias' DNS network runs both BIND and NSD, two popular, proven and open source DNS resolution software brands. Running both software products synchronously ensures that Afilias can simply remove one from production while it is patched or upgraded, ensuring seamless DNS resolution and 100 percent uptime. The same cannot be said of systems using a single flavor of software, whether open source or proprietary.

The BIND security vulnerability announced by ISC on July 28th, enables an attacker to send a specially crafted Dynamic Update request that can crash a DNS name server. All organizations running BIND 9 are required to upgrade their version to 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1. Afilias has already upgraded its version of BIND.
"Afilias supports large scale domains like .INFO and .ORG as well as our Managed DNS business, and serves billions of queries daily. Our DNS diversity strategy ensures that our network was never in jeopardy, and that the 15 million domain names we are responsible for were always accessible online," add Mohan.

Afilias has also published a new white paper entitled "5 Dimensions of Diversity: A Winning Strategy for Securing your DNS" which details its guidelines for how organizations can deploy diversity in their DNS networks to improve their security and reliability. The white paper can be downloaded here.

About BIND
Berkeley Internet Name Domain (BIND) is the industry standard software for domain name resolution services. In active service for over 20 years, BIND has survived the rapid expansion of the Internet and become more widely deployed than any other DNS software. As open-source software, unlike proprietary solutions, its code has been scrutinized, tested and battle-hardened by hundreds or thousands of programmers over the years.

About Afilias

Afilias

Afilias is the world's second largest domain registry, with more than 20 million names under management. Afilias powers a greater variety of top-level domains than any other provider, and will soon support hundreds of new TLDs now preparing for launch. Afilias' specialized technology makes Internet addresses more accessible and useful through a wide range of applications, including Internet domain registry services, Managed DNS and mobile Web services like goMobi® and DeviceAtlas®. (Learn More)

Related topics: DNS, Registry Services, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

General Availability Period for New .RED Top-Level Domain Opens

General Availability Period for New .BLUE Top-Level Domain Opens

General Availability Period for New .PINK Top-Level Domain Opens

New Chinese "Mobile" Top-Level Domain Now Available

New .KIM Domain Goes Live

Welcome .SHIKSHA! General Availability Now Open

Adrian Kinderis Appointed as Chair of Domain Name Association

Why We Decided to Stop Offering Free Accounts

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

Tony Kirsch Announced As Head of Global Consulting of ARI Registry Services

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Afilias Chairman Appointed to Domain Name Association Board

.BUILD Enters Landrush with Support of ARI Registry Services

Dyn Acquires Managed DNS Provider Nettica

Afilias Welcomes "Dot Chinese Online" and "Dot Chinese Website" Top-Level Domains to the Internet

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Joining Forces to Advance Protection Against Growing Diversity of DDoS Attacks

Afilias Welcomes .ONL and .RICH to the Internet

Why Managed DNS Means Secure DNS

Neustar Selected to Continue Administering the .US Domain

Sponsored Topics