Over the past few years, we’ve witnessed increasing attacks against DNS infrastructure: DDoS attacks against authoritative name servers, name servers used as amplifiers in DDoS attacks, compromised registrar accounts used to modify delegation information, cache poisoning attacks, and abuse of name servers by malware. Thankfully, we’ve also seen the concurrent development of powerful new mechanisms for combating those threats, including the DNS Security Extensions, response policy zones, and response rate limiting.

Perhaps the most promising means of enhancing DNS security, and the security of the Internet generally, has yet to be fully exploited. That’s Passive DNS data.

To read this article in full or to leave a comment, please click here