On Neustar's DNS Real-time Directory

Last week, Neustar announced that they've added an interesting new feature to their zone hosting service, called the DNS Real-time Directory. In an effort to address some of the shortcomings of DNS's loose coherence, Neustar is publishing changes to the zones they host on their constellation of authoritative name servers through Amazon's EC2 service. Subscribers, including OpenDNS, are notified of those changes and can remove outdated resource records from their recursive name servers' caches in response. This would help avoid the recent mess caused by the accidental appending of an extra ".SE" to domain names in Sweden's .SE...: While the problem was fixed on the authoritative name servers right away, the operational effects lingered for up to a day--the TTL on resource records in the .SE zone, and hence the maximum time recursive name servers would cache the bogus records. Had Neustar been hosting .SE and had the DNS Real-time Directory up and running, presumably they could have invalidated the cached, bogus records--on OpenDNS's name servers, at least.
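The difference a change feed makes to a cached bad record can be modelled in a few lines. This is an added example, not Neustar's or OpenDNS's code: the class names, the notice format (name and type only, no record data) and the sample records are assumptions constructed for illustration.

```python
import time

class Authoritative:
    """Stand-in for a hosted zone that publishes change notices (hypothetical)."""
    def __init__(self):
        self.records = {}        # (name, rtype) -> (value, ttl)
        self.subscribers = []

    def publish(self, name, rtype, value, ttl):
        self.records[(name, rtype)] = (value, ttl)
        # Assumed notice format: says WHAT changed, never carries the new data.
        for notify in self.subscribers:
            notify(name, rtype)

class RecursiveCache:
    def __init__(self, upstream, clock=time.monotonic):
        self.upstream, self.clock = upstream, clock
        self.cache = {}          # (name, rtype) -> (value, expires_at)

    def resolve(self, name, rtype):
        key = (name, rtype)
        hit = self.cache.get(key)
        if hit and hit[1] > self.clock():
            return hit[0]                        # served from cache until the TTL expires
        value, ttl = self.upstream.records[key]  # miss: ask the authoritative side
        self.cache[key] = (value, self.clock() + ttl)
        return value

    def on_change(self, name, rtype):
        # Evict only; the fresh answer arrives through normal resolution.
        self.cache.pop((name, rtype), None)

def demo(subscribed):
    now = [0.0]                                  # fake clock, in seconds
    auth = Authoritative()
    cache = RecursiveCache(auth, clock=lambda: now[0])
    if subscribed:
        auth.subscribers.append(cache.on_change)
    key = ("example.se.", "NS")
    auth.publish(*key, "ns1.example.se.se.", 86400)  # constructed bogus record, 1-day TTL
    cache.resolve(*key)                              # the bogus answer is now cached
    auth.publish(*key, "ns1.example.se.", 86400)     # fixed on the authoritative side
    now[0] = 3600                                    # one hour after the fix
    after_hour = cache.resolve(*key)
    now[0] = 86401                                   # just past the original TTL
    return after_hour, cache.resolve(*key)
```

Because `on_change` only evicts, a forged or replayed notice in this model can force a re-query but cannot place data in the cache.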

Neustar says it's working with other providers of recursive name service, too. We'll see who that includes. Google's Public DNS service and DynDNS seem like obvious candidates, though DynDNS also runs services that compete with Neustar's.

I'm also interested to see if Neustar is willing to open the publishing end of the service up to rivals in the business of hosting authoritative zones. While that would reduce the competitive advantage they gain from the Real-time Directory, it could hugely increase the incentive for providers of recursive DNS services and products to support their fledgling feature. That would be a bold move, indeed.
