Dr
Casey Deccio
(Sandia National Laboratories)
10/5/13, 4:00 PM
DNSViz was developed for the purpose of analyzing, reporting, monitoring, and visualizing DNS zones, particularly for DNSSEC. It has primarily been used for analysis and troubleshooting of DNSSEC deployment. Although it is several years old, it is still undergoing changes to incorporate additional enhancements in the way of functionality, stability, and historical archival. We describe the...
Mr
Antoin Verschuren
(SIDN)
10/5/13, 4:20 PM
SIDNLabs has a DNS workbench (http://workbench.sidnlabs.nl/) open to the world to test DNS cornercases or bugs on a variety of nameserver software. This talk will give an update on new features, software and results of the DNS workbench, and invites other DNS experts to supply us with feedback on features they would like to be able to test on the SIDNLabs DNS workbench.
Mr
Dave Knight
(ICANN)
10/5/13, 4:40 PM
Hedgehog is a replacement for DSC, developed for ICANN by Sinodun Internet Technologies Ltd. It's development was motivated by a need to match the growing deployment of the L root nameserver. ICANN intends to release Hedgehog under a free software license.
Mr
William Sotomayor
(DNS-OARC)
10/6/13, 9:30 AM
As part of the OARC Development Plan, Q2 and Q3 of 2013 have seen significant rationalization, upgrade and development of OARC's Systems and Services. This presentation in conjunction with the OARC Infrastructure Plan details the changes and improvements made to date and planned for the future.
Mr
Kazunori Fujiwara
(Japan Registry Services Co., Ltd)
10/6/13, 9:55 AM
The number and characteristics of full resolvers are presumed in analyzing DITL data and JP packet capture data. This report presents number of IP addresses which send root DNSKEY queries, EDNS0 queries, DO queries, non-existing name queries, JP queries, updates, and others. Then, it compares root data and JP data.
Duane Wessels
(Verisign)
10/6/13, 10:45 AM
The New York Times suffered a high-profile attack to its domain name via a compromised DNS registrar. Within 6 hours of the attack we initiated an "open resolver scan" of the IPv4 Internet, asking for the address nytimes.com. The results highlight the difficulties faced by organizations trying to purge incorrect data from DNS caches around the Internet.
Mr
Florian Maury
(ANSSI/FNISA)
10/6/13, 11:10 AM
Internet entities are regularly affected by Distributed Denial of Service (DDoS) on various scales. Several methods can be leveraged to perform such attacks, but the most recent incidents were caused by throughput amplification via DNS servers. Improving the overall security of the French segment of the Internet is one of the missions of ANSSI (the French Network and Information Security...
Mr
Ondrej Sury
(CZ.NIC)
10/6/13, 11:55 AM
Amir Herzberg & Haya Shulman has presented a new DNS vulnerability based on IP fragmentation. This presentation will dive into the practical aspects of implementing working PoC as done by CZ.NIC Labs and other parties.