Last month Microsoft led an effort to take control of a domain – 3322.org – in order to disrupt more than 500 different strains of malware affecting millions of innocent people around the world. Using a surgical approach implemented with software from Nominum, Microsoft was able to sinkhole traffic to malware subdomains hosted on 3322.org without impacting queries to legitimate subdomains. Numerous articles covered the effort; some of the better ones are below:
One of the challenges network operators face is responding quickly to market requirements. Agility is the new normal; competitive leadership is based on moving quickly. But progress can be slowed by the disparate interests of marketing or business teams and technical or operational teams. Marketing can spot trends and identify new services, but it can be difficult to get them implemented quickly in the network when stability is rightfully paramount.
Ten years ago, everyone evaluating DNS solutions was concerned about performance. Broadband networks were getting faster, providers were serving more users, and web pages and applications increasingly stressed the DNS. Viruses were a factor too, as they could rapidly become the straw that broke the camel’s back for a large ISP’s DNS servers. The last thing a provider needed was a bottleneck, so DNS resolution speed became more and more visible, and performance was everything.
The transition to IPv6 is top of mind for most service providers. Even in places where there are still IPv4 addresses to be had, surveys we’ve run suggest v6 is solidly on the priority list. That’s not to say everyone has the same strategy. Depending on where you are in the world, transition options are different – in places such as APAC, where exhaustion is at hand, one of the many NAT alternatives will likely be deployed, since getting a significant allocation of addresses is not going to happen and other alternatives for obtaining addresses will prove expensive. Ditto the European region, which is next on the list to find the IPv4 shelves bare.
With IPv6 World Launch coming up, it’s worth pausing to consider the collective efforts of the Internet industry in enabling and deploying an essential evolutionary technology at what will become truly massive scale. It’s easy to be a detractor and believe there has been little progress – but the Internet hasn’t melted down and there is no evidence it is about to. Perhaps the issue is that progress occurred in a different way than was predicted or preferred by the experts. The reality is that providers everywhere have developed coping mechanisms for IPv4 exhaustion. Innovation, operational sweat, and perhaps some tough negotiating make it happen. But isn’t that the essence of the Internet?
Mobile networks aren’t usually thought of as sources of spam, but a quick look at some of the resources that track spam reveals they actually are. This is counterintuitive at first glance because when most people think of mobile they think of smartphones, and those aren’t known to be sources of spam (at least not yet). The real culprits are PCs connected to mobile networks with air cards, or tethered with a smartphone where it’s permissible. Bot-infected PCs aren’t at all uncommon, and of course bots don’t especially care if they’re using a costly mobile data service to send their spam.
This blog has talked a lot about how the DNS can provide network-based security, and how DNS is in the best position to detect malware traffic before it does any harm.
But what does this mean for end users? How does it make their online lives easier and more secure?
Spam is a never-ending problem for service providers. Unfortunately, criminals can still make money at someone else’s expense, so they persist in their mindless campaigns. The DNS is an integral part of well-established techniques for handling incoming spam, so unwanted mail doesn’t get delivered to inboxes.