DNS / Featured Blogs

The TPP and the DNS

On November 5, 2015 the Office of the U.S. Trade Representative (USTR) released the official text of the Trans-Pacific Partnership (TPP). That text consists of 30 separate Chapters totaling more than 2,000 pages, and is accompanied by four additional Annexes and dozens of Related Instruments. Only those who negotiated it are likely to have a detailed understanding of all its provisions, and even that probably overstates reality. more»

The Incredible Value of Passive DNS Data

If a scholar was to look back upon the history of the Internet in 50 years' time, they'd likely be able to construct an evolutionary timeline based upon threats and countermeasures relatively easily. Having transitioned through the ages of malware, phishing, and APT's, and the countermeasures of firewalls, anti-spam, and intrusion detection, I'm guessing those future historians would refer to the current evolutionary period as that of "mega breaches" (from a threat perspective) and "data feeds". more»

Internet Society's New Policy Brief Series Provides Concise Information On Critical Internet Issues

Have you ever wanted to quickly find out information on key Internet policy issues from an Internet Society perspective? Have you wished you could more easily understand topics such as net neutrality or Internet privacy? This year, the Internet Society has taken on a number of initiatives to help fill a need identified by our community to make Internet Governance easier to understand and to have more information available that can be used to inform policymakers and other stakeholders about key Internet issues. more»

Steering Website Traffic with Managed DNS vs. IP Anycast

I recently read an interesting post on LinkedIn Engineering's blog entitled "TCP over IP Anycast -- Pipe dream or Reality?" The authors describe a project to optimize the performance of www.linkedin.com. The web site is served from multiple web server instances located in LinkedIn's POPs all over the world. Previously LinkedIn used DNS geomapping exclusively to route its users to the best web server instance, but the post describes how they tried using BGP routing instead. more»

NANOG 65 Report

NANOG 65 was once again your typical NANOG meeting: a set of operators, vendors, researchers and others for 3 days, this time in Montreal in October. Here's my impressions of the meeting... The opening keynote was from Jack Waters from Level 3, which looked back over the past 25 years of the Internet, was interesting to me in its reference to the "Kingsbury Letter". more»

Thoughts on the Open Internet - Part 5: Security

Any form of public communications network necessarily exposes some information about the identity and activity of the user's of its services. The extent to which such exposure of information can be subverted and used in ways that are in stark opposition to the users' individual interests forms part of the motivation on the part of many users to reduce such open exposure to an absolute minimum. The tensions between a desire to protect the user through increasing the level of opacity of network transactions to third party surveillance, and the need to expose some level of basic information to support the functions of a network lies at the heart of many of the security issues in today's Internet. more»

Thoughts on the Open Internet - Part 4: Locality and Interdependence

The Internet was not originally designed as a single network that serviced much of the world's digital communications requirements. Its design was sufficiently flexible that it could be used in many contexts, including that of small network domains that were not connected to any other domain, through to large diverse systems with many tens of thousands of individual network elements. If that is indeed the case, then why is it that when networks wish to isolate themselves from the Internet, or when a natural calamity effectively isolates a network, the result is that the isolated network is often non-functional. more»

Thoughts on the Open Internet - Part 3: Local Filtering and Blocking

The public policy objectives in the area of content filtering and blocking space are intended to fulfil certain public policy objectives by preventing users within a country from accessing certain online content. The motives for such public policies vary from a desire to uphold societal values through to concessions made to copyright holders to deter the circulation of unauthorised redistribution of content. more»

The Growth of DNS-OARC Highlights Great Strides in DNS Research

This past weekend several of my Dyn colleagues and I attended the DNS-OARC annual meeting and fall workshop in Montreal. "OARC" in the organization's title stands for "Operations, Analysis and Research Center". DNS-OARC was founded by the Internet Systems Consortium (best known as the maintainers of the BIND DNS software) in 2004 to address a gap in the DNS community. Engineers working to extend the DNS protocol itself have always had a home in the Internet Engineering Task Force (IETF), but there was no corresponding community for those who operated DNS infrastructure and did research using data gleaned from DNS operations. more»

Watch Live Oct 1 - Dyn's Techtoberfest: Internet Trends, Security, Net Neutrality and More

On Thursday, Oct 1, 2015, from 9:30am-4:30pm US EDT (UTC-4), Dyn will be holding their "TechToberFest" event in Manchester, NH, and also streaming the video live for anyone interested. There are a great set of speakers and a solid agenda. As I wrote on the Internet Society blog, I'll be part of the security panel from 3-4pm US EDT... and we who are on the panel are excited to participate just for the conversation that we are going to have! It should be fun! more»