×
  • Performing a signing algorithm rollover is not for the faint of heart

    We are proud of our DNSSEC heritage here at Secure64. We launched the first fully automated DNSSEC signing appliance in 2008, just weeks after security researcher Dan Kaminsky made public the flaws in the DNS protocol that DNSSEC addresses. Our goal from the very beginning was to make deploying DNSSEC…

    Read More
    0 3265
  • Developing a Framework to Improve Critical Infrastructure Cybersecurity

    Here are thoughts from our CTO, Bill Worley PhD, on properly securing critical infrastructure in our highly connected world. They are particularly applicable with what we have seen in the last year with increased DDoS attacks focused on the DNS and compromised systems for the theft of intellectual property.

    Read More
    0 1543
  • DNSSEC Adoption is Slow for Government Agencies

    Even though more than two years have passed since federal government agencies were required to support DNS Security Extensions (DNSSEC) on their web sites, only 57 percent of agencies have met these requirements. In other words, about 40 percent of federal agencies have not secured their domains to protect users…

    Read More
    0 502
  • Google Now Supports DNSSEC

    Google announced this week that they have enabled Domain Name System Security Extensions (DNSSEC). This is essential for ensuring that DNS queries are directed to the real web site. With this in place Google is now checking the digital signatures on DNSSEC formatted messages. Currently 7% of the volume of…

    Read More
    0 574
  • DNSSEC Deployment Lags

    DNSSEC has been slow to be accepted by commercial sites, leading a lag in DNSSEC deployment, even though it is the best solution to prevent the exposure to site hijacking. This type of hijacking is possible because of a major flaw in DNS that makes it possible for hackers to…

    Read More
    0 674
  • Lack of DNSSEC Deployment on Financial Services Web Sites

    It comes as a real surprise that one of the industries (financial services) that should be most interested in the security of their web sites has not implemented a key piece of protection, Domain Name System Security Extensions (DNSSEC). DNSSEC is a technology that was developed to add critically needed security…

    Read More
    0 576
  • Four Vulnerabilities in Infrastructure Defense

    “The basic underpinnings of the Internet — BGP, DNS, and SSL — we take for granted they were built in much friendlier times when friendly people wanted to communicate with friendly people. The Internet was built to be survivable, not trustable,” said John Pescatore, vice president and research fellow for…

    Read More
    0 515
  • DNS Diversity

    Every DNS administrator knows that you need to configure at least two recursive or authoritative DNS servers so that you can still provide service in case one fails. Many administrators also know that these servers ideally should be located in different data centers and utilize different networks so that DNS…

    Read More
    0 584
  • FCC Recommends Code of Conduct for ISPs

    In an earlier blog we mentioned the recommendations made by the CSRIC (Communications Security, Reliability and Interoperability Council), a Federal Advisory Committee for the Federal Communications Commission (FCC), to improve Internet safety. This is a set of industry-wide best practices for ISPs and other organizations that operate critical infrastructure. The…

    Read More
    0 839
  • DNSSEC Adoption is Slow for Government Agencies

    Even though more than two years have passed since federal government agencies were required to support DNS Security Extensions (DNSSEC) on their web sites, only 57 percent of agencies have met these requirements. In other words, about 40 percent of federal agencies have not secured their domains to protect users…

    Read More
    0 505
Translate »
Contact Us