First new gTLDs added to the root

The four new gTLDs all use non-Latin scripts: شبكة (Arabic “web”), онлайн (“online” in Cyrillic), сайт (“sale” in Cyrillic) and 游戏 (“game” in Chinese). In total, the gTLD process will result in expansion of top-level domains from 22 to up to 1400.

More domains will be added to the root progressively. “ICANN’s New gTLD Program was designed to facilitate a measured rollout of new domains so as not to disrupt the Domain Name System,” ICANN said in a statement.

via First new gTLDs added to the root – gTLD, top-level domains – Computerworld.

How Do You Hijack a Popular Streaming Movie Site? With Ease, Apparently

“You don’t have to have access to any emails, passwords, or any other credentials. You simply grab the information from the WHOIS, write a letter with an attached photo-shopped ID with the same name, send it from a random email address, and the domain will be handed to you fairly quickly.”

via How Do You Hijack a Popular Streaming Movie Site? With Ease, Apparently | TorrentFreak.

Amazon AWS Route 53 GEO DNS Configurations

You can send visitors to different servers based on the country of their IP address using the Amazon Route 53 cloud-based DNS server. For example, if you have a server in Amsterdam, a server in America, and a server in Singapore, then you can easily route traffic for visitors in Europe to the Amsterdam server, people in Asia go to the Singapore server and those in the rest of the world are served by the American server.

via Amazon AWS Route 53 GEO DNS Configurations.

In this post, I will explain how to configure and test GeoDNS using the AWS Route 53 service.

5 years after major DNS flaw is discovered, few US companies have deployed long-term fix

Network World – Five years after the disclosure of a serious vulnerability in the Domain Name System dubbed the Kaminsky bug, only a handful of U.S. ISPs, financial institutions or e-commerce companies have deployed DNS Security Extensions (DNSSEC) to alleviate this threat.

via 5 years after major DNS flaw is discovered, few US companies have deployed long-term fix.

Authoritarian regimes push for larger ITU role in DNS system

The new proposal specifies that “member states have the right to manage all naming, numbering, addressing and identification resources used for international telecommunications/ICT services within their territories.” This seems to be a challenge to the authority of ICANN and IANA, the quasi-private organizations that currently oversee the allocation of domain names and IP addresses.

via Authoritarian regimes push for larger ITU role in DNS system | Ars Technica.

.mobi

The domain name mobi is a top-level domain (TLD) in the Domain Name System of the Internet. Its name is derived from the adjective mobile, indicating it’s used by mobile devices for accessing Internet resources via the Mobile Web.

The domain was approved by ICANN on 11 July 2005, and is managed by the mTLD global registry. It was originally financially backed and sponsored by Google, Microsoft, Nokia, Samsung, Ericsson, Vodafone, T-Mobile, Telefónica Móviles, Telecom Italia Mobile, Orascom Telecom, GSM Association, Hutchison Whampoa, Syniverse Technologies, and Visa, with an executive from each company serving on mTLD’s board of directors.[1][2][3]

In February 2010, Afilias acquired mTLD Top-Level Domain Ltd. (known publicly as “dotMobi”).[4]

via .mobi – Wikipedia, the free encyclopedia.

Better Defense Through Open-Source Intelligence

Reconnaissance, while commonly overlooked and discounted, is a key phase providing successful targeted attackers (and penetration testers) with information about the target, the target’s server and application technologies in use, employees, location, and much more. Often called OSINT, or open-source intelligence because it uses publicly available sources, the recon phase is anything that can help the attacker obtain his goal. Security pros can leverage the same tools and techniques as the attackers to identify unintentionally exposed devices on the Internet and users leaking sensitive information via social networking sites, and address those issues before they’re used during an actual attack.

via Tech Insight: Better Defense Through Open-Source Intelligence – Dark Reading.

There’s also the excellent Shodan computer search engine that contains service banners from Internet-accessible servers all over the world. Security pros can find all sorts of juicy information, like internal network and host names exposed through DNS, or unintentionally exposed services that Shodan has found without scanning or touching the target network.

Persistent Threat Detection on a Budget

It’s staggering to me how few security teams have gotten wise to regularly interrogating the logs from their recursive DNS servers. In many ways DNS logging can be considered sprinkling flour on the floor to track the footsteps of the culprit who’s been raiding the family fridge. Each step leaves a visible impression of where and how the intruder navigated the kitchen, and their shoe size.

via Persistent Threat Detection on a Budget « Damballa.

To turn on query logging in BIND, use:

# rndc querylog

This puts all DNS queries into /var/log/messages. Just grep for named and pipe that into some custom Perl script or whatever to run against a blacklist.

# grep named /var/log/messages | run_my_blacklist_script.pl
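
A stand-in for the run_my_blacklist_script.pl placeholder above, written in Python as an added example (it is not the blog author's script). It assumes the query-log line layouts BIND 9 writes to syslog and a blocklist of plain domain names; the log lines, addresses and domains are constructed sample data.

```python
import re
import sys
from collections import defaultdict

# BIND 9 query-log lines as they reach syslog. The "@0x..." pointer and the
# "(name)" part differ between releases, so both are optional here.
QUERY_RE = re.compile(
    r"named\[\d+\]: client (?:@0x[0-9a-f]+ )?(?P<client>[0-9A-Fa-f.:]+)#\d+"
    r"(?: \([^)]*\))?: query: (?P<name>\S+) \S+ (?P<type>\S+)"
)

def normalize(name):
    """Lowercase and drop the trailing root dot so comparisons are exact."""
    return name.strip().rstrip(".").lower()

def is_blocked(name, blocklist):
    """True if name is a blocklisted domain or a subdomain of one."""
    labels = normalize(name).split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def scan(lines, blocklist):
    """Map each client IP to the sorted blocklisted names it queried."""
    blocklist = {normalize(d) for d in blocklist if d.strip()}
    hits = defaultdict(set)
    for line in lines:
        m = QUERY_RE.search(line)
        if m and is_blocked(m["name"], blocklist):
            hits[m["client"]].add(normalize(m["name"]))
    return {ip: sorted(names) for ip, names in hits.items()}

# Constructed sample input: documentation IP ranges, reserved TLDs.
SAMPLE_BLOCKLIST = ["bad.example", "C2.invalid."]
SAMPLE_LOG = [
    "Sep 10 05:15:01 ns1 named[1234]: client 192.0.2.10#53124 (www.example.com): query: www.example.com IN A + (192.0.2.1)",
    "Sep 10 05:15:02 ns1 named[1234]: client 192.0.2.10#53125: query: notbad.example IN A +",
    "Sep 10 05:15:03 ns1 named[1234]: client 192.0.2.10#53126 (login.bad.example): query: login.bad.example IN AAAA + (192.0.2.1)",
    "Sep 10 05:15:04 ns1 named[1234]: client @0x7f3c4c0a1b20 192.0.2.11#40022 (beacon.C2.invalid): query: beacon.C2.invalid IN TXT +E(0) (192.0.2.1)",
    "Sep 10 05:15:05 ns1 named[1234]: zone example.com/IN: loaded serial 2012091001",
]

if __name__ == "__main__":
    # With a blocklist file argument, read log lines from stdin (the grep pipe);
    # with no argument, run on the constructed sample above.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            found = scan(sys.stdin, fh)
    else:
        found = scan(SAMPLE_LOG, SAMPLE_BLOCKLIST)
    for ip, names in sorted(found.items()):
        print(ip, ", ".join(names))
```

Matching is done on whole labels, so a blocklist entry for bad.example flags login.bad.example but not notbad.example.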

GoDaddy is Down, Anonymous Claims Responsibility

Godaddy.com is down, but so are some of the site’s DNS servers, which means GoDaddy hosted e-mail accounts are down as well, and lots more. It’s currently unclear if the servers are being unresponsive or if they are completely offline. Either way, the result is that if your DNS is hosted on GoDaddy, your site may also look as if it is down, because it cannot resolve.

via GoDaddy is Down, Anonymous Claims Responsibility.

Pingdom flagged this site as being down for 55 minutes starting at around 5:15AM.

PBXMate-FreeSWITCH-integration

The PBXMate software product from SoliCall is designed to improve voice quality by canceling echo, canceling noise and monitoring quality indicators. This article describes, in detail, one option for integrating the PBXMate with FreeSWITCH in which both products are installed on the same Linux machine and a DNS is being used.

via PBXMate-FreeSWITCH-integration – FreeSWITCH Wiki.