Blogs

  • Happy Birthday to ISC’s DHCP4

    On November 29th ISC’s DHCP4 will turn 18. The first code for the DHCP project was committed to the source repository by Ted Lemon on 1995-11-29. Over the years, our contributors have committed over 9,500 changes, covering everything from small bug fixes to major enhancements. Today, our DHCP code supports clients, relays and servers for both DHCPv4 and DHCPv6. Looking forward, our next

    Read more
    0
    0
  • BIND 9’s Security Record

    Introduction BIND 9 has an image problem. In fact, BIND of any version has had an image problem since at least the mid-1990’s, when the Internet stopped being a military/educational playground and turned commercial. That’s when security became an issue in a lot of places where people didn’t have to worry about it in the past. That’s when BIND started

    Read more
    0
    0
  • What’s Your Version?

    Who knew? We sure didn’t, and that’s why we’re asking. ISC has been providing BIND and ISC DHCP software for over 15 years now.  Publicly-available sources put our market share at over 80%, meaning our users come from a wide variety of industries and skill levels, but all depend on BIND.  In order to gain a better understanding of how

    Read more
    0
    0
  • Internet Systems Consortium Renews Commitment to BIND as Open Source – Jeff Osborn named President

    Internet Systems Consortium’s (ISC) Board of Directors named Jeff Osborn as Executive Director with the explicit goal of ensuring production-­‐ quality, fully featured nameserver software is available as open source, with no financial barriers to its use. Osborn will also serve as President of DNSco, ISC’s commercial subsidiary. “I am both thrilled and humbled to be trusted with the task

    Read more
    1
  • Happy 30th Birthday, GNU!

    Happy 30th Birthday GNU Project!

    Read more
    0
    0
  • BIND 9.9.4 Released

    ISC is excited to announce the release of BIND 9.9.4, featuring Response Rate Limiting (RRL), security patches, and bug fixes for DNSSEC, RPZ and configuration modules. The latest dot release ensures the stability, robustness and security of your critical Internet infrastructure. Response Rate Limiting (RRL) A DNS DDoS attack works by forging queries that look like they came from the

    Read more
    0
    0
  • Cache poisoning gets a second wind from RRL? Probably not.

    You may have heard recently that Response Rate Limiting (RRL) has re-opened the door on cache poisoning attacks (see CVE-2013-5661). ISC acknowledges that RRL can increase the effectiveness of cache poisoning attacks and appreciates the detailed research that uncovered it.  This is, however, only one piece in the larger context of competing security concerns, and each operator will need to

    Read more
    0
    0
  • ISC adds DDoS defense module to BIND software

    Internet Systems Consortium (ISC) announces that the RRL module, currently the most effective defense against the use of DNS in Distributed Denial of Service attacks, is now part of the upcoming BIND release. A DNS DDoS attack works by forging queries that look like they came from the victim’s server, making it appear to be requesting a high volume of

    Read more
    2
    0
  • ISC Spins Off Its Security Business Unit

    Internet Systems Consortium (ISC) announces that it has sold its security-related assets to Farsight Security, Inc., (“Farsight”) a new company started by ISC founder, Paul Vixie. The DNSDB and SIE services developed by ISC over the past five years will now be provided by Farsight. “Paul Vixie has been the driving force in Internet security innovation at ISC for many

    Read more
    0
    0
  • ISC Board Members inducted into the Internet Hall of Fame

    ISC congratulates Board members Stephen Wolff and David Farber on their induction into the Internet Hall of Fame. Thank you for all you’ve done for ISC and the Internet! Internet Hall of Fame

    Read more
    0
    0
  • Hijacking DNS? Error? DDoS? What happened, and what you can do

    Last night, TechCrunch reported that LinkedIn and Fidelity.com faced an outage due to a DNS error. ISC staff and colleagues observed that the error was caused due to the changing of nameserver information at the registry; leading to DNS queries to be directed to nameservers that did not correctly answer those queries. Suzanne Woolf, ISC’s Director of Strategic Partnerships, points

    Read more
    0
    0
  • Thoughts on a Recent BIND Interop Issue

    Unexpected DNSSEC validation failures ISC was recently involved in the troubleshooting and diagnosis of a DNSSEC-validation interoperability issue between BIND 9 and PowerDNS, where BIND is acting as a recursive server, and PowerDNS is authoritative. The end result was that BIND marked the PowerDNS server as not supporting EDNS0. Since DNSSEC requires EDNS0 support, the PowerDNS server was no longer considered capable of

    Read more
    0
    0

Last modified: November 1, 2016 at 1:25 pm