Blogs

  • 2017 Root Key Rollover – What Does it Mean for BIND Users?

    What is the Root Key (KSK) Rollover? The DNS root key is a cryptographic public-private key pair used for DNSSEC signing of the DNS root zone records. The root zone key-signing key (KSK) serves as the anchor for the “chain of trust” that enables DNS resolvers to validate the authenticity of any signed data in the DNS.  The integrity of the

    Read more
    0
  • Release 9.11 adds provisioning options for DNS authoritative services

    We are proud to bring you another version of BIND, 9.11.0.  We have added many new features, updated our support for DNS standards, improved efficiency in a number of areas, and made provisioning and DNSSEC operations more convenient. BIND users now have three supported versions to choose from: 9.9, 9.10 and now, 9.11. We recommend that administrators run one of

    Read more
    0
  • ISC Receives Mozilla MOSS Award

    We are thankful that Mozilla chose to award a MOSS grant to ISC to help fund development of the Kea DHCP server, through the Mozilla Foundational Technology track.  This is a wonderful program, through which Mozilla gives back to the Internet community by sponsoring development of the open source that everyone can use. Kea is modern software that we hope will eventually

    Read more
    0
  • Kea 1.1 Released

    Adds flexible client classification, plus greatly extended support for host reservation storage in MySQL and PostgreSQL backend databases. Includes initial support for Cassandra, sponsored by Deutsche Telekom.

    Ask us about our Forensic Logging library, available with a support subscription.

    Read more
    0
  • 1
  • IETF hackathon in Berlin: Kea and YANG/NETCONF

    Kea engineers went to IETF hackathon in Berlin, teamed up with Sysrepo engineers and developed a prototype interface to Kea that uses YANG/NETCONF for DHCPv6 server configuration.

    Read more
    0
  • The Potential Operational Risks Associated with Untrusted Zone Transfers

    At the DNS Summer Day 2016  held in Tokyo on June 24th it was disclosed that an unbounded zone transfer (AXFR) operation can cause operational issues due to resource exhaustion for the server that is receiving the zone transfer.  On servers running BIND, Knot or PowerDNS the receiving server may run out of memory, and on servers running

    Read more
    1
  • BIND9 Adopts the MPL 2.0 License with BIND 9.11.0

    ISC published BIND under a very permissive open source license nearly two decades ago, and we have been maintaining it ever since. In December we announced we were changing the license for our Kea DHCP server to the modern and widely-used Mozilla Public License (MPL 2.0). The MPL 2.0 license requires that if you make changes to licensed software (e.g. BIND) and distribute

    Read more
    0
  • ISC considering a change to the BIND9 license

    ISC published BIND under a very permissive open source license nearly two decades ago. Since then, it has become the world’s most widely used nameserver. Partly, this is due to the popularity of commercial services and software based on BIND. While this is welcome, and these commercial products are undoubtedly adding value, unfortunately not all of these users are giving back to

    Read more
    0
  • The ISC Performance Lab

    ISC’s BIND DNS server software is renowned for its rich feature set and compliance with standards but not for its performance. To allow us to focus on BIND’s performance we have recently invested significantly in new hardware in our test lab for dedicated 24/7 performance testing, and have also developed a new web-based system for automated performance tests. Whilst we’ve

    Read more
    0
  • ISC Joins The Open Source Initiative

    ISC has joined the Open Source Initiative as an Affiliate Member.   ISC has developed and supported open source systems for many years. We are delighted to join forces with other open source advocates and developers to help bring a unified voice to our growing movement.   Quoting from OSI’s press release today: “There are only a few organizations that can

    Read more
    0
  • A few words about the glibc vulnerability, CVE-2015-7547

    On February 16th, news reached ISC about CVE-2015-7547, a serious defect in the getaddrinfo() library call in glibc.  This defect allows an attacker to cause buffer overflow to occur, creating the possibility of remote code execution in some circumstances.  ISC has been asked by several of our customers and partners to comment on whether this vulnerability should be of concern

    Read more
    0

Last modified: November 1, 2016 at 1:25 pm