Articles about dns

An upset woman with an empty wallet

AWS DNS network hijack turns MyEtherWallet into ThievesEtherWallet

Updated Crooks today hijacked internet connections to Amazon Web Services systems to ultimately steal a chunk of alt-coins from online cryptocurrency website MyEtherWallet.com. The Ethereum wallet developer confirmed on Tuesday morning that thieves redirected DNS lookups for its dot-com to a malicious website masquerading as the real …
Shaun Nichols, 24 Apr 2018
Oblivious

Sorry spooks: Princeton boffins reckon they can hide DNS queries

The Domain Name System (DNS) is a plain-text service that lets anyone who can see “the wire” capture a user's DNS traffic and work out whether they're asking for naughty.com or nice.com. So to help enhance its privacy a group of researchers has proposed a more "Oblivious DNS” protocol. However, as the group explained here, …
Illustration of someone's privacy being invaded

Cloudflare touts privacy-friendly 1.1.1.1 public DNS service. Hmm, let's take a closer look at that

Updated Cloudflare has revealed a deal with regional internet registry APNIC to provide a possibly more privacy-conscious DNS resolver at a prestige network address, 1.1.1.1. The biz contends DNS – which translates human-friendly domain names like theregister.com into numeric IP addresses, such as 159.100.131.165, used by software – …
DNS toolkit

The DNS was designed for diversity, but site admins aren't buying

The world's top eight DNS providers now control 59 per cent of name resolution for the biggest Websites - and that puts the Web at risk, according to a group of Harvard University researchers. The group was led by Harvard's Shane Greenstein, and warned that since 2011, the "entropy" of the DNS (referring to how widely …
Frayed string

BIND comes apart thanks to ancient denial-of-service vuln

Back in 2000, a bug crept into the Internet Systems Corporation's BIND server, and it lay unnoticed until now. The result: if you're running a vulnerable version of BIND and using DNSSEC, you need to patch the server against a denial-of-service vulnerability. The venerable BIND is the world's most-used Domain Name System (DNS …
Face Palm D'oh from Shutterstock

IETF protects privacy and helps net neutrality with DNS over HTTPS

The Internet Engineering Task Force has taken the first steps towards a better way of protecting users' DNS queries and incidentally made a useful contribution to making neutrality part of the 'net's infrastructure instead of the plaything of ISPs. The Register first noticed the technology in this article by Mark Nottingham ( …
DNS toolkit

Open source nameserver used by millions needs patching

Open source DNS software vendor PowerDNS has advised users to patch its "Authoritative" and "Recursor" products, to squish five bugs disclosed today. None of the bugs pose a risk that PowerDNS might itself be compromised, but this is the DNS: what an attacker can do is fool around with DNS records in various ways. That can be …
Bell switchboard

DNS resolver 9.9.9.9 will check requests against IBM threat database

The Global Cyber Alliance has given the world a new free Domain Name Service resolver, and advanced it as offering unusually strong security and privacy features. The Quad9 DNS service, at 9.9.9.9, not only turns URIs into IP addresses, but also checks them against IBM X-Force's threat intelligence database. Those checks …

Google slides DNS privacy into 'Droid developer stream

Android users might get better protection for their browsing records, if a Google experiment takes off. XDA-developers.com spotted the entry in the Android Open Source Project, which adds DNS over TLS, along with an option to turn it off. The idea of sending DNS queries over TLS is simple: it's in line with the IETF's (and …
Broken light bulb

WTH is my domain? OpenSRS and Hover down and out

Updated The domain name server "OpenSRS" crashed and burned during the dead of night following a network failure, taking down scores of customers' portals with it. Normal service has yet to resume. OpenSRS is owned by the operating service Tucows, and according to builtwith.com, there are about 690,000 active websites using it. …

¡Dios mío! Spain blocks DNS to hush Catalonian independence vote sites

As a controversial referendum on the independence of Catalonia draws near, the Spanish government has expanded efforts to shut it down, even blocking access to some websites. After a number of .cat websites covering the referendum were aggressively shut down by the authorities, pro-independence groups set up new websites at …
Kieren McCarthy, 27 Sep 2017
Skull and Crossbones in the cloud

IBM's global load balancer and reverse DNS degraded by domain transfer mess

IBM's cloudy global load balancer and reverse DNS services have been impacted by a DNS mess inflicted on Big Blue by a domain name registrar. In an email to customers, IBM says that on September 6th “During a bulk transfer of domain names between two domain registrar services, two domains (global-datacenter.com and global- …

Sysadmins told to update their software or risk killing the internet

The world's internet providers and sysadmins need to make sure they are running up-to-date software or they risk cutting their customers off from the internet in October, DNS overseer ICANN has warned. Following a process that started back in May 2016, the cryptographic keys that secure the foundations of the domain name …
Kieren McCarthy, 22 Aug 2017

It's 2017 and someone's probably still using WINS naming. If so, stop

Sysadmins should already have purged WINS from their Microsoft Windows Server environments – but if they haven't, there's a new reason to take it for one last walk out behind the shed. Fortinet's Honggang Ren says a WINS Server remote memory corruption vulnerability in the MS-proprietary name server isn't going to get fixed, …

.Science and .study: Domains of the bookish? More like domains of the JERKS!

The .science domain has become a “hotspots” of malicious or abusive activity on the internet, according to a new study out Tuesday. DNS-based cyber threat intelligence DomainTools found that .science had the highest concentration of bad domains, followed by .study and .racing. None of the 2017's most malicious generic Top …
John Leyden, 23 May 2017
Banned

Taiwan government to block Google's public DNS in favor of HiNet's

The Taiwanese government intends to block Google's public DNS service, citing cybersecurity concerns. The question is whether those concerns are the government's or its citizens', with the government pushing its own DNS service – a setup that is typically used to spy on people's internet communications. The announcement comes …
Kieren McCarthy, 11 May 2017

Boffins supercharge the 'hosts' file to save users plagued by DNS outages

The venerable Domain Name System (DNS) is becoming known for fragility, and keeping track of your own favourite sites' IP addresses is a pain. So a group of researchers want to automate the upkeep of hosts to give users an emergency backup if their provider blacks out. The idea is that DNS records could be double-checked …
Woman says oops after data breach... or spome other mistake, possibly. Illustration by Shutterstock/sergey sobin

Ubuntu splats TITSUP bug spread in update

A simple library update turned into a white-knuckle ride for Ubuntu sysadmins, who have lit up Reddit and StackOverflow to complain that their 'net connections went TITSUP (Total Inability To Support Usual Performance). The guilty code is an upgrade to libc6 which broke the getaddrinfo() function in Ubuntu's DNS resolver code …

Create a news alert about dns, or find more stories about dns.

Biting the hand that feeds IT © 1998–2018