Mr
Alexis Fasquel
(Packet Clearing House)
9/29/17, 12:15 PM
As part of the creation of a new public DNS resolver by PCH, multiple monitoring projects have been introduced.
This open sourced monitoring suite is part of an effort to allow a better internal understanding of our public DNS resolution service but also to answer specific questions asked by some of our partners. The various components look at the full stream of DNS data, distills and...
Mr
Stephan Lagerholm
(T-mobile)
9/29/17, 12:30 PM
Over the last 10 years, T-Mobile have had a strategy of removing our dependency of IPv4. In the spring of 2017 we finally flipped the switch and turned off IPv4 for over 10 million handsets. We have in other words reached the utopia of making our customer experience independent of IP transport protocol. To achieve this we are using DNS64 and related technologies. Stephan will share some of...
Mr
Petr Špaček
(CZ.NIC)
9/29/17, 2:45 PM
Is RFC 7706 aka Decreasing Access Time to Root Servers by Running One on Loopback a good idea or not? If not, can we implement similar with less disadvantages?
In this presentation we will analyze measurement data from small and big recursors to estimate impact of RFC 7706 and its alternatives like Agressive NSEC use (IETF draft-ietf-dnsop-nsec-aggressiveuse).
Dr
Casey Deccio
(Brigham Young University)
9/29/17, 3:30 PM
Domain Name System (DNS) authoritative servers are a critical component of Internet infrastructure, and as such, they are deliberately accessible to any Internet computer, as a means to find the Internet services they wish to access. Such accessibility can attract ill-intended users to use these same servers with malicious intent, a primary example being DNS reflection-based Distributed...
Dr
Sara Dickinson
(Sinodun IT)
9/29/17, 4:30 PM
The goal of this talk will be to review the current status of DNS clients that can provide DNS Privacy for end users.
Stubby (from the getdns team) is becoming more mature - moving to it’s own project, improving packaging and there is a prototype GUI and iOS app on the way. Some Android folks spent time at the last IETF Hackathon implementing support for opportunistic DNS Privacy, and for...
Dr
Sara Dickinson
(Sinodun IT)
9/29/17, 5:00 PM
Recent years have seen significant changes in the standards for DNS-over-TCP, a new EDNS0 Keepalive option, a new standard for DNS-over-TLS and a new Internet Draft proposing ‘DNS Session Signalling’. The latter specifies a completely new mechanism to manage persistent DNS sessions which has already been utilised for DNS Service Discovery to introduce novel ways to propagate DNS data e.g....
Mr
Christopher Baker
(Dyn)
9/29/17, 5:30 PM
The Canonical Name, CNAME, record has become the default means of service integration for a number of Cloud and SaaS providers. The scope of services integrated via CNAME includes everything from marketing automation services to cloud load balancers. In some cases, you may have a service integration which is done by a CNAME and points to another CNAME, which may point to yet another CNAME....
Mr
Daniel Karrenberg
(RIPE NCC)
9/30/17, 9:30 AM
The number of queries for the '. NS' RRset received at K.root-servers.net today is around 2000/second. This is much higher than what we would expect from well behaved clients.
Hence we have studied all priming queries received at K for seven consecutive days in July 2017. This work describes the general characteristics of the priming queries
and suggests a classification of client behavior....
Mr
Kazunori Fujiwara
(Japan Registry Services Co., Ltd)
9/30/17, 9:45 AM
The Domain Name System (DNS) is a key part of the infrastructure of
the Internet. Recent discussions have centered on the removal of the
shared DNS resolver and the use of a local full-service resolver
instead. From the viewpoint of the cache mechanism, these discussions
involve removing the shared DNS cache from the Internet. Although the
removal of unnecessary parts from a total system...
Dr
Han Zhang
(Salesforce)
9/30/17, 11:30 AM
Cyber security constitutes one of the most serious threats to the current society, costing billions of dollars each year. Botnets is a very important way to perform many attacks. In botnets, the botmaster and bots exchange information through C&C channels, which can be implemented using many protocols. HTTP-based botnets are very common as they are easy to implement and maintain. To improve...
Mr
Yuriy Yuzifovich
(Nominum)
9/30/17, 12:10 PM
A “core” domain, aka an “effective 2nd level domain” (e2LD) usually captures domain ownership (www.example1.com, www.example2.co.uk) and is thus a useful marker for analysis of DNS data. New core domains, are particularly interesting, since they’re highly correlated with malicious activity. For the past 5 years we’ve been tracking new core domains and last year undertook a project to greatly...
Mr
Vincent Levigneron
(AFNIC)
9/30/17, 12:45 PM
In order to test how our organization was able to deal with DDoS attacks, we put in place a full-scale test program, the first of which took place a month ago. We know that it is not possible alone to counter this type of attack, but we must be prepared, as an organization, to make the best decisions when this kind of event happen. The primary goal of this first exercise was not only to test...
Matthew Pounsett
(Rightside)
9/30/17, 1:25 PM
Send your PGP keys to pgpsign@dns-oarc.net before the morning break on Saturday.
Please attend Matt's talk about how the PGP signing will be done which will happen during the session after the morning break.
Jing Qiao
(NZRS)
9/30/17, 2:30 PM
This talk is to share my progress on source IPs cluster analysis, which is to apply the unsupervised machine learning techniques to find different patterns in the DNS traffic seen at the .nz authoritative nameservers.
Duane Wessels
(Verisign)
9/30/17, 3:30 PM
Mr
Keith Mitchell
(DNS-OARC)
9/30/17, 3:35 PM
OARC Business
Mr
Jerry Lundström
(DNS-OARC), Mr
William Sotomayor
(DNS-OARC)
9/30/17, 4:05 PM
OARC Business
Mr
Keith Mitchell
(DNS-OARC)
9/30/17, 4:45 PM
Duane Wessels
(Verisign), Mr
Keith Mitchell
(DNS-OARC)
9/30/17, 5:00 PM
Mr
Keith Mitchell
(DNS-OARC)
9/30/17, 5:30 PM
Mr
Keith Mitchell
(DNS-OARC)
10/3/17, 1:30 PM
This talk will give an introduction and summary for the wider NANOG71 audience of the latest DNS material freshly presented at OARC27.