Secure64 DNS Products Not Vulnerable to BIND Security Flaw

On July 28, 2015, the Internet Systems Consortium reported a critical security vulnerability in BIND, CVE-2015-5477. This vulnerability, which affects both BIND recursive and authoritative servers, is caused by an error in the handling of TKEY queries, allowing a remote attacker to crash BIND by sending a deliberately constructed query. This vulnerability is considered critical, as it cannot […]

Secure64 SourceT OS not vulnerable to NTP flaws

CERT recently reported two Network Time Protocol (NTP) vulnerabilities (CERT VU#374268 April 7, 2015) . The first one concerns some versions of NTP Project software that will accept packets without authentication digests as if they actually had valid digests attached, and the second one describes a Denial of Service (DoS) scenario in which an attacker […]

More Defenses Against Pseudo Random Subdomain Attacks (PRSD)

This blog post provides three techniques that can be used to protect resolvers against pseudo random subdomain attacks (PRSD).

Don’t drown in the IPv6 address sea

Our Chief Operating Officer, Joe Gersch, recently authored this blog post on managing large numbers of reverse DNS records at our partner, 6connect’s, blog site: http://www.6connect.com/blog/dont-drown-ipv6-address-sea/

Secure64 DNS Cache not vulnerable to recently announced resource exhaustion bugs

Secure64 has confirmed that its DNS Cache product is not vulnerable to the latest BIND Vulnerability bug announced by ISC on December 8, 2014. This BIND bug is categorized as severe and remotely exploitable, and is the 9th such vulnerability in the past 24 months. The announcements describe flaws in the BIND DNS resolver that […]

Latin America Going IPv6-only

IP address assignments around the world are handled by the Regional Internet Registries (RIR). In the beginning of May, I had the pleasure to attend and be a speaker at the LACNIC (the Latin American RIR) conference in Cancun, Mexico. My talk about IPv6 and DNS was very well received and I think the audience […]