Mr Keith Mitchell (DNS-OARC)
Progress update on the OARC Development Plan.
Peter Losher (ISC)
Jim Reid (RTFM LLP)
The DITL data sets for 2012 and 2013 were analysed this summer to get quantitative data on how often queries for new gTLDs appeared at the root servers. Processing this data in the time available presented a number of challenges. Here's an overview of what was done, how it was done and the initial findings. Some of these identify potential subjects for further study and these are explained too.
Roy Hooper (Demand Media)
The publication of the Interisle report on "Name Collisions in the DNS" created significant challenges for anybody wishing to respond to the study itself or to analyze possible mitigation strategies. A donation of additional hardware was made to facilitate the analysis of the data used in the Interisle report by DNS-OARC members. Extracting and analyzing the data from DITL data sets is...
Andrew Simpson (Verisign)
Using new generic Top Level Domains (gTLDs) to add semantics to the DNS root is a semantic enhancement to the Internet's oldest namespace. However, it is because DNS is such a trusted resource that prudence is warranted in any major change. To this end, we have conducted a preliminary study of potential implications of the introduction of new gTLDs. This presentation will focus on specific...
Andrew Sullivan (Dyn)
In the current round of expansion of the root zone, a number of applications appear to conflict with private name spaces that are actually in use on the Internet. This talk presents an overview of a procedure that allows evaluation of when it is "safe" to delegate a name, given that risk of conflict. The procedure begins with the assumption that the Interisle report to ICANN ("Name Collision...
Dr Casey Deccio (Sandia National Laboratories)
DNSViz was developed for the purpose of analyzing, reporting, monitoring, and visualizing DNS zones, particularly for DNSSEC. It has primarily been used for analysis and troubleshooting of DNSSEC deployment. Although it is several years old, it is still undergoing changes to incorporate additional enhancements in the way of functionality, stability, and historical archival. We describe the...
Mr Antoin Verschuren (SIDN)
SIDNLabs has a DNS workbench (http://workbench.sidnlabs.nl/) open to the world to test DNS corner cases or bugs on a variety of nameserver software. This talk will give an update on new features, software and results of the DNS workbench, and invites other DNS experts to supply us with feedback on features they would like to be able to test on the SIDNLabs DNS workbench.
Mr Dave Knight (ICANN)
Hedgehog is a replacement for DSC, developed for ICANN by Sinodun Internet Technologies Ltd. Its development was motivated by a need to match the growing deployment of the L root nameserver. ICANN intends to release Hedgehog under a free software license.
Mr William Sotomayor (DNS-OARC)
As part of the OARC Development Plan, Q2 and Q3 of 2013 have seen significant rationalization, upgrade and development of OARC's Systems and Services. This presentation in conjunction with the OARC Infrastructure Plan details the changes and improvements made to date and planned for the future.
Mr Kazunori Fujiwara (Japan Registry Services Co., Ltd)
The number and characteristics of full resolvers are presumed in analyzing DITL data and JP packet capture data. This report presents the number of IP addresses which send root DNSKEY queries, EDNS0 queries, DO queries, non-existing name queries, JP queries, updates, and others. Then, it compares root data and JP data.
Duane Wessels (Verisign)
The New York Times suffered a high-profile attack to its domain name via a compromised DNS registrar. Within 6 hours of the attack we initiated an "open resolver scan" of the IPv4 Internet, asking for the address nytimes.com. The results highlight the difficulties faced by organizations trying to purge incorrect data from DNS caches around the Internet.
Mr Florian Maury (ANSSI/FNISA)
Internet entities are regularly affected by Distributed Denial of Service (DDoS) on various scales. Several methods can be leveraged to perform such attacks, but the most recent incidents were caused by throughput amplification via DNS servers. Improving the overall security of the French segment of the Internet is one of the missions of ANSSI (the French Network and Information Security...
Mr Ondrej Sury (CZ.NIC)
Amir Herzberg & Haya Shulman have presented a new DNS vulnerability based on IP fragmentation. This presentation will dive into the practical aspects of implementing a working PoC as done by CZ.NIC Labs and other parties.
Mr Geoff Huston (APNIC)
There has been some recent interest in the use of TCP for DNS queries as a means of mitigating some of the issues with DNS reflection attacks. However, it is not clear how many clients use DNS resolvers that are capable of asking queries using TCP. This presentation reports on a large scale exercise of presenting clients with DNS names whose resolution generated a truncated UDP response from...
Sam Bretheim (Nominum)
We describe the construction of Nominum's system for large-scale analysis of DNS security data, some of the challenges involved in building that system, and some interesting things that we've found in the data. Particular points of interest include malware command-and-control detection and classification, detection of vulnerabilities and bugs in widespread DNS implementations, and a...
Paul Ebersman (Infoblox)
The DNS has become a piece of the critical infrastructure of the internet; without it most users would be unable to do anything. However, both the scale of use and how it's being used (and abused) were not things imagined when the DNS was originally designed. This tutorial will go over various threats to your servers, how to mitigate these threats, information on how the DNS is being abused in...