The Akamai BlogSubscribe
Protecting your Domain Names: Taking the First Steps
Everyone and everything on the Internet depends on the Domain Name System (DNS) being functional. The DNS has been a common vector for attacks in recent years, and 2019 seems to be no different. Many of these attacks have goals far more sinister than simply taking a company offline or defacing a website; reported attacks include redirecting some or all of an organization's domain to gain access to protected
DNS Flag Day & Akamai
Written by Jon Reed & Barry Greene DNS Flag Day is an industry event that promotes the adoption of the most up-to-date DNS features and ensures that non-standards-compliant servers don't negatively impact the global performance of the Internet. The 2019 DNS Flag Day will remove a number of workarounds regarding servers that do not fully support the EDNS0 (RFC 6891) extensions.
Domain Name Consolidation - Observations from the Fi ...
Domain Name Consolidation The market and marketing of Web property domain names is changing. Companies prefer to promote top level domains (TLDs), have the option of selecting brand-relevant domain extensions (e.g. SaaS.com), and no longer need country-relevant domains to optimize search engine result rankings. This provides an opportunity to reduce "domain name fragementation" but also presents business and technical challenges if a migration is required from the active use of
BGP Route Hijacking
Yes, we can minimize the BGP Hijacking Risk Every day we see something new about the global security threat. It is hard to keep track of all the various ways your network can be attacked. But there are some threat-vectors which need particular attention. "Did you know that a threat-actor with 20 BGP speaking routers can cause massive disruption in telecommunications all over the world?" "Did you know that someone
Architectural paths for evolving the DNS
The Domain Name System (DNS) is one of the Internet's fundamental systems, providing the top-level hierarchy for naming Internet resources. One of its purposes is to act as a sort of phonebook, allowing names such as "www.example.com" to be resolved to resource information, such as server IP addresses. It provides the hierarchical naming model that enables clients to "resolve" or "lookup" resource records associated with names. This naming hierarchy also
DNS is a Unique (and Necessary) Security Control
Like many other security professionals, you have been reviewing your security stack, reading up on the latest security trends, and have perhaps recently attended Info-Sec, RSA, Black Hat or some other relevant conference. Along the way, you may have seen messaging for recursive DNS (rDNS) as a security layer. However, it's hard for you to believe DNS is an effective security control, as you know it is a lookup service
Mergers, Acquisitions, and Malware?
Every year, tens of thousands of mergers and acquisitions (M&A) take place across every industry and vertical. In fact, "In 2017, companies announced over 50,600 transactions with a total value of more than 3.5 trillion USD."[1] Not only is M&A complex from a business sense, it also brings the challenge of merging complex IT infrastructures and applications (which are only getting more complex) as businesses move away from a perimeter
Smart DNS Resolution for a Better Safer Internet
By Arlen Frew Top-level Domain (TLD) operators are focused on making the Internet a better and safer place, enabling name registrations, and maintaining the DNS namespace in support of their stakeholders. The entire Internet ecosystem, including TLDs, is always looking for ways to improve security. This is especially important as everyone and everything gets connected and awareness of the adverse impact of malicious online activity increases. Some TLD operators are
DNS: Exfiltration vs. Tunneling
The Internet was designed to share data, but sometimes the paths that enable it are blocked. When it comes to bad actors - that's a good thing. Most companies today have a Data Loss Prevention (DLP) policy to accompany their web proxies and firewalls. Some of them think this is the best way to stop data exfiltration and monitor what is going in and out of their employee's internet devices.