Other articles

  1. DNS Amplification Attacks

    There has been a lot of talk recently about DNS amplification attacks (with prominent news reports of high bandwidth attacks targeted at anti-spam services, cloud providers, financial institutions, etc). These are a class of denial of service attack that use DNS servers to emit large amounts of traffic onto unsuspecting …

    read more
  2. DNSSEC and Certificates

    DNSSEC is a system to verify the authenticity of DNS data using public key signatures. With increasing deployment of DNSSEC comes the possibility of applications using the DNS to store and retrieve TLS/SSL certificates in an authenticated manner. And possibly obviating the need for public/global certification authorities (CA …

    read more
  3. Penn's DNS Zone

    Some data from a quick analysis of the contents of the University of Pennsylvania's primary DNS zone (upenn.edu):

    Zone: upenn.edu.
      Total RR     = 624221
      Total RR     = 159928 (excluding DNSSEC records)
      Total RRsets = 464295
      Total RRsets = 155165 (exluding DNSSEC records) 
      Total Names  = 154570
      TTL min, max, avg = 0, 114000, 38562 …
    read more
  4. IPv6 and DNS+DNSSEC Classes I'm Teaching

    I'm teaching two half day classes on IPv6 and DNS/DNSSEC at the LOPSA PICC conference (Professional IT Community Conference), being held May 11-12, 2012 in New Brunswick, NJ. This is a regional IT and system administration conference run by the New Jersey chapter of the League of Professional System …

    read more