Blogs

  • Refinements to EDNS fallback behavior can cause different outcomes in Recursive Servers

    Recursive DNS Servers administrators have for many years been advised to ensure that both the servers that they are running and the network environments wherein those servers reside are RFC-compliant. This is to ensure the best possible outcome when handling client queries. While some older DNS implementations and/or mis-configured servers still fail to adhere to current standards, there are two

    Read more
    2
  • ISC Network Operations Report for 2014

    ISC’s Public Benefit network services are: F-Root; SNS-PB, a subsidized anycasted DNS infrastructure for non-profits; Hosted@, subsidized hosting for non-profit projects at our Redwood City location; a municipal network connecting a number of local cities and non-profits to the Internet, and dlv.isc.org, a DNSSEC Look-Aside Validation service.   Network Infrastructure We maintain approximately 2768 peering sessions across our infrastructure, more if you count

    Read more
    1
  • ISC Retrospective on 2014 Open Source work

    Most of our work at ISC falls into one of two major project categories: open source development and network services. We will review our 2014 accomplishments in network services in a separate post. In 2014 we did a solid job of maintaining our primary open source projects, BIND 9 and ISC DHCP.  We fixed more bugs in 2014 than were discovered or reported in 2014

    Read more
    0
  • New code signing key for 2015-2017

    Beginning with the start of 2015, ISC is introducing a new PGP signing key which will be used to verify the authenticity of BIND and DHCP source downloaded from ISC.  This replaces the current key, which is expiring. The old key for codesign@isc.org, with key ID 45AC7857189CDBC5, was created in 2013 with an expiration date of 31 January, 2015, a date that is fast approaching. It

    Read more
    0
  • Important Security Advisory Posted

    We have today posted updated versions of 9.9.6 and 9.10.1 to address a significant security vulnerability in DNS resolution. The flaw was discovered by Florian Maury of ANSSI, and applies to any recursive resolver that does not support a limit on the number of recursions. , A flaw in delegation handling could be exploited to put named into

    Read more
    0

Last modified: January 30, 2014 at 12:11 pm