Blogs

Last modified: January 30, 2014
  • ICANN 51: Accountability for F-root operations

    ISC has operated F-Root, one of the world’s thirteen root name servers, since 1994. We have this service deployed around the world in 55 locations to offer fast, reliable access even in otherwise underserved parts of the world. We have well over a thousand peers. F-Root is supported with the help of multi-year donations in kind from many service providers and other

    Read more
    0
  • ISC’s DHCP client can be used as a delivery vector for bash bug

    Despite reports to the contrary saying that a 2011 change (CVE-2011-0997) to dhclient prevents exploitation of this flaw, ISC has confirmed that the DHCP client provided as a part of ISC DHCP can be used to exploit the bash vulnerability if the operator of a rogue DHCP server passes a specially constructed value as the payload of a DHCP option field.

    Read more
    0
  • Certificate Authority Authorization Records

    Support for the CAA record was added to BIND with the 9.10.1B release, after Rick Andrews of Symantec approached us at an IETF meeting and asked why we didn’t have it already.  Rick is an expert and evangelist for the use of certificates, so we invited Rick to explain why people should use CAA records.   Certificate Authority Authorization (CAA, RFC 6844)

    Read more
    0
  • Public Source Code Repository

    We have had many requests for a public repository to enable users or OS package maintainers to back-port specific fixes, or to cherry pick fixes for a platform release.   We used to provide access to a read-only git as a benefit of BIND- and DHCP-Membership. We ended the BIND and DHCP-Members programs in mid-2013, but we have kept the read-only

    Read more
    0
  • Codenomicon Testing for BIND

    Our users value stability and security above anything else, when it comes to BIND.  Every time we have to issue a security advisory we are inconveniencing thousands of network administrators.  We also know they would rather be informed if there is some way to compromise or crash BIND.  So, when we read that Codenomicon discovered the Heartbleed bug in OpenSSL, we decided to

    Read more
    0