An analysis of wide-area name server traffic: a study of the Internet Domain Name System
SIGCOMM '92 Conference proceedings on Communications architectures & protocols
Impact of configuration errors on DNS robustness
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Distributed DNS troubleshooting
Proceedings of the ACM SIGCOMM workshop on Network troubleshooting: research, theory and operations practice meet malfunctioning reality
Understanding implications of DNS zone provisioning
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Observations from the DNSSEC Deployment
NPSEC '07 Proceedings of the 2007 3rd IEEE Workshop on Secure Network Protocols
Implementing a "moving target" system to protect servers
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Resolvers Revealed: Characterizing DNS Resolvers and their Clients
ACM Transactions on Internet Technology (TOIT)
Hi-index | 0.00 |
The Domain Name System (DNS) is a critical component of the Internet. It maps domain names to IP addresses and serves as a distributed database for various other applications, including mail, Web, and spam filtering. This paper examines DNS zones in the Internet for diversity, adoption rates of new technologies, and prevalence of configuration issues. To gather data, we sweep 60% of the Internet's domains in June-August 2007 for zone transfers. Of them, 6.6% allow us to transfer their complete information. Surprisingly, this includes a large fraction of the domains deploying DNS security extensions (DNSSEC). We find that DNS zones vary significantly in size and some span many autonomous systems. Also, while anti-spam technologies appear to be getting deployed, the adoption rates of DNSSEC and IPv6 continue to be low. Finally, we also find that carelessness in handing DNS records can lead to reduced availability of name servers, e-mail, and Web servers. This also undermines anti-spam efforts and the efforts to shut down phishing sites or to contain malware infections.