Blog Post

Reducing the Risks of BYOD with DNS-based Security Intelligence; Part 2: Taking Control

By Thomas Orthbandt

Posted on January 29, 2013 in: Security

In part 1, I talked about some of the risks associated with BYOD. There are actions you can take to greatly reduce this risk, and one effective method is to employ DNS-based security intelligence techniques. DNS-based security intelligence uses an enterprise’s caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. These are the domain names of the servers the bot master controls for botnet command and control. Bots perform a DNS query for one or more of these domains in an attempt to connect to these servers and receive their instructions. By monitoring queries to these domains, all infected clients on the network, including BYOD devices, can be identified. Moreover, by subsequently blocking access to the domains, the malware responsible for the bot infection is denied the critical instructions it needs to function.

Blog Post

Ghosts in the DNS machine

By Thomas Orthbandt

Posted on February 14, 2012 in: Network

There was an intriguingly named vulnerability revealed this week: Ghost Domains.  A paper describing it can be found here.  A team of researchers in China discovered a way to allow a domain to remain reachable in the DNS even after it has been revoked from a TLD.  It looks like they expended a lot of energy testing their new idea and discovered there are several caching DNS software releases that are vulnerable.

Blog Post

Advantage DNS

By Thomas Orthbandt

Posted on January 17, 2012 in: Network

The DNS has played an essential role since the earliest days of the Internet, resolving an IP address when given a domain name.  Now it’s being considered for security applications.  There are many fundamental reasons why it makes sense:

Blog Post

Smarter DNS Makes a Smarter Security Solution

By Thomas Orthbandt

Posted on December 20, 2011 in: Network, Security

Network operators and IT departments constantly reassess their security exposure and evaluate the best methods for protecting their networks and end users. New security solutions are always emerging to help them, and one that’s starting to receive a lot of attention is the DNS. That’s raising an obvious question: “how in the world does the DNS become a security platform?”

Blog Post

Resilient DNS: Maximizing Internet Performance and Preparing for DDOS (part 3 of 3)

By Thomas Orthbandt

Posted on December 8, 2011 in: Network, Security

Just as it’s important for service providers and enterprises to maximize the performance and availability of their caching DNS servers, it’s important for brand owners and IT departments to ensure the robustness of their Authoritative DNS.  Some of the issues are similar, but ensuring security of Authoritative data also has to be considered.

Blog Post

Resilient DNS: Maximizing Internet Performance and Preparing for DDOS (part 1 of 3)

By Thomas Orthbandt

Posted on November 14, 2011 in: Network, Security

For network operators, recursive (caching) DNS is a critical service. Without good, fast DNS service, Internet service appears slow and unresponsive. Caching DNS systems must also be capable of absorbing “spikes” in traffic, which can occur for a multitude of reasons: peak loads, Internet events, DoS, etc.
