News
SIDN's DNS: reliable, available and innovative
Article source: SIDN
For SIDN, a reliable DNS is an absolute priority. Our DNS engineers, Unix managers and network managers are therefore working constantly to maintain and improve the availability of the .nl name server infrastructure. However, it is increasingly common for domain nameservers, such as the .nl servers, to be the targets of internet criminals.
Redundant DNS environment
In order to assure the continued reliability of the .nl domain, all our DNS servers have in recent years been replaced by systems with redundancy in almost all critical physical and functional components in the DNS environment. We also have a configuration management system, which ensures that all systems perform exactly as specified in the design. Furthermore, 24x7 monitoring and detailed log analysis enable us to respond quickly to every service delivery issue.
Abuse
Since last year, however, we have observed increasingly frequent attempts to abuse our DNS servers. The incidents have involved various types of attack, sometimes targeting our systems, but more often aimed at using our systems in DDoS and/or amplification attacks. Such attacks involve a third party being overwhelmed by a volume of traffic that they are not expecting. In other words, criminals have been trying to use the .nl name servers to interfere with the services of third parties. Like other registries and DNS providers, we have therefore been obliged to take steps to address the abuse.
Bandwidth
Since the middle of 2012, we have sought to limit the impact of such attacks by eliminating the malicious traffic from the data flow. Instead of answering every DNS query, we first check whether it is legitimate. The reason being that non-legitimate queries are often submitted simply to use up bandwidth, so that it isn't available for service provision. By deliberate over-provisioning of the infrastructure, it is possible to manage the consequences of the attacks.
Ineffective attacks
Our abuse-prevention measures have had a positive effect: the number of attempted attacks on our servers has fallen sharply, because they no longer have any effect. Our systems can't be used for the malicious purposes described above any more, so the criminals have shifted their attention to less secure systems.
100% uptime
Of course, internet criminals don't stand still: new forms of attack are being invented all the time. For many years, SIDN's DNS service has boasted 100% uptime, and naturally we want to keep that record up. We therefore work tirelessly to enhance our processes, working methods and infrastructure. And thus to stay one step ahead of the criminals.
.ee upgrade WHOIS domain search
Estonian Internet Foundation have upgraded the .ee WHOIS domain search service, which will now also return domain outzoning date (i.e. the date when the domain became unavailable on the Internet) and delete date from the registry.
ICANN Consultation on Root Zone KSK Rollover
The consultation is being conducted using the ICANN Public Comment Process, consistent with the contract requirements. The feedback received during this consultation will inform the Root Zone Management Partners on the subject of KSK rollover, so that a schedule and a detailed implementation plan for KSK rollovers can be established.
More information here
Improvements to .RO domain registration systems
Beginning 23rd of February 2013, a new .RO domain name registration service has been put into service. This allows real time domain registration through the EPP and REST protocols.
New features have also been added to increase the security level of the domains management services, the registrar control panel and control panel for domain owners.
Read further information on these changes including important information for Registrars
Latest issue of .eu Identity is now available
The latest issue of .eu Identity is now available in the .eu registry’s free magazine app on the Apple iTunes® and Google Play stores.
In this issue
Digital strategist, William Deckers, reveals five unique advantages that Internet businesses have over their brick-and-mortar counterparts. And content expert, Anna Borsboom, gives us insights into Search Engine Optimisation (SEO) and how you can use it to increase your website’s visibility.
We take a look behind the scenes of TEDxBrussels to see what goes into organising this annual ideas-exchange event, which brings together thought-leaders from a variety of industries to share, inspire, innovate and effect change.
Download
Search for the latest issue of .eu Identity on Apple iTunes of Google Play using 'EURid' as a keyword. Alternatively, download the magazine from EURid’s website in Flash flip book or PDF formats at link.eurid.eu/identity.
For more information, please email This email address is being protected from spambots. You need JavaScript enabled to view it..
CNNIC appoints Executive Director
Moreover, Mr. Xiaodong Li organized and accomplished several international and domestic technology standards in the fields of domain name and email, the application and delegation of“.中国”, as well as the research and development of the first series of software and hardware system of domain name service in China.
NIC.at publish first ".at report" for 2013
NIC.at have published their ".at Report" looking at latest statistics on ownership and use of .at domains, environmental factors that influence the registration statistics as well as internet and broadband developments in Austria.
"the better the underlying technologies, the more domains are registered"
Click to access report
Summary of the ICANN / Afnic meeting
For his first visit to France and Paris as the CEO of ICANN, Fadi Chehad
CENTR Posts Comment on Consultation on ccTLD Delegation and Redelegation Performance Standards
CENTR has posted their Comment on the Consultation paper from ICANN on ccTLD Delegation and Redelegation Performance Standards.
Summarized the comment states the following:
- For contested re/delegations, KPIs are inappropriate
- For non-contested re/delegations KPIs can be valuable butThe proposed 60 days is too long
- The proposed 80% SL is too low
- Incumbent registries should be made aware immediately of redelegation requests
- Incident stats should be kept and shared with the community
- Security and stability are the most important factors and should be recognized as such in any KPI framework
For the full comment, please go to: http://forum.icann.org/lists/comments-cctld-drd-15jan13/
DK Hostmaster announces EPP for Registrars
The project has been run with ongoing feedback from the registrars. The EPP-service opens up for the possibility of requesting registrations of danish domain names via a standardised protocol. For the EPP-service DK Hostmaster offer a sandbox environment, making it possible for the registrars to test their client software , before utilizing our production environment. At the same time DK Hostmaster offer a public test environment for test of our server software where the registrars have the opportunity of assisting DK Hostmaster if they have resources and an interest in this.
The next step for DK Hostmaster in regard to EPP is to outline a plan for our follow-up on the requests, feedback and wishes, we have received from the registrars.
An EPP info page is available online with links to relevant resources.