Monday, September 13, 2010

Avoid DNS Cache Poisoning With UltraDNS

On today’s Internet you are going nowhere without DNS. Well, at least if you are human. DNS, the Domain Name System, is what converts all those domain names and lengthy page links into the numerical format that is the native language of the Internet. Living without DNS is untenable with IPV4. When we move to IPV6, probably within a year, it will become even more hopeless.

That’s why fast, reliable DNS services are absolutely critical to anyone using the Web. We tend to take DNS for granted, since these services are provided by every Internet service provider and every Web hosting company. But all DNS services are not equal. Some are slow, some are slow to update, and some are just plain dangerous.

The dangerous part comes from a security attack called cache poisoning. Evil doers, mischief makers, criminals and some of your nastier competitors, compromise a DNS server by exploiting a software weakness. Once in control, they can hijack your traffic and serve up any content they want to unsuspecting visitors. Imagine paying for traffic to your sales sites and then having that traffic redirected to someone else’s sales sites behind your back. Even worse, the content served up could contain malicious content that infects the computers of your visitors and ruins your reputation.

A good way to avoid security issues like DNS cache poisoning is to use a more premium DNS service that offers improved security features. UltraDNS from Neustar is a managed external DNS service that offers a feature called Cache Defender designed to do just that. UltraDNS creates a secure link between the ISP servers and the UltraDNS authoritative DNS servers to prevent malicious DNS responses from poisoning the ISP server’s cache. It uses proprietary software rather than the industry standard BIND software that has been known to have security vulnerabilities.

Managed DNS services are an alternative to taking whatever default DNS service is available from your hosting provider or managing your own DNS servers in-house. The UltraDNS Managed DNS Service has the advantage of being built on a global directory platform with network nodes on five continents worldwide. DNS service requests are routed to the nearest geographical node, with redundancy provided by the other nodes. Being a managed or “cloud” service, you are relieved of burden of system maintenance and operation and benefit from having this immense global resource at your disposal. So confident is Neustar in the robustness of this system that they offer a Service Level Agreement (SLA) with a 100% uptime network guarantee.

Follow Telexplainer on Twitter