Akamai Diversity

The Akamai Blog

Akamai

Akamai

September 24, 2014 1:17 PM

Response Rate Limiting Bites Back?

A new kind of DDoS attack is currently stressing DNS infrastructure everywhere. Attackers gain access to DNS resolvers through home gateways with open DNS proxies. Proxies forward large bursts of queries with spoofed IP addresses to whatever resolver they are configured to use, usually an ISP resolver. With these attacks, the overwhelming majority of queries require recursion so resolvers in turn query authoritative servers to get answers.

Akamai

Akamai

April 19, 2014 11:34 AM

Deterring DNS Amplification: Considerations for Filt ...

A new variant of DNS amplification attack relies on home gateways with open DNS proxies to forward DNS queries to ISP resolvers. To launch this exploit attacker can deploy their exploit code anywhere on the Internet that allows address spoofing, a compromised server in a hosting facility for example. From there DNS queries can be targeted at any network with open home gateways. These queries enter ISP networks at border

Akamai

Akamai

August 1, 2012 4:03 PM

How to Evaluate Performance of a DNS Resolver

Ten years ago everyone evaluating DNS solutions was always concerned about performance. Broadband networks were getting faster, providers were serving more users, and web pages and applications increasingly stressed the DNS. Viruses were a factor too as they could rapidly become the straw that broke the camel's back of a large ISP's DNS servers. The last thing a provider needed was a bottleneck, so DNS resolution speed became more and

Thomas Orthbandt

Thomas Orthbandt

February 28, 2012 4:27 PM

Best practices for securing the DNS infrastructure

Like any critical part of network infrastructure, securing recursive DNS requires a layered approach. All the points of entry into the system - the console(s), network, etc need to be protected.

Thomas Orthbandt

Thomas Orthbandt

February 8, 2012 1:09 PM

Best practices for running DNS caching servers

Your new DNS infrastructure is up and running! Here's what to watch for, how to monitor, and tips for patches and upgrades.

Thomas Orthbandt

Thomas Orthbandt

January 24, 2012 2:58 PM

Best practices for DNS design and architecture

The DNS is a critical component of ISP infrastructure. It's usually described in two forms, Authoritative and Caching.

Akamai

Akamai

January 17, 2012 1:54 PM

Advantage DNS

The DNS has played an essential role since the earliest days of the Internet, resolving an IP address when given a domain name. Now it's being considered for security applications. There are many fundamental reasons why it makes sense: