Fraud Management & Cybercrime , Governance & Risk Management , Next-Generation Technologies & Secure Development
Using DNS Data for Cybercrime Intelligence
DNS Pioneer Paul Vixie on Running Your Own Recursive ResolverPaul Vixie is one of the engineers who designed the original protocols for the Domain Name System, or DNS. He says DNS, which translates domain names into IP addresses, provides a rich source of data that can help organizations defend themselves against cybercrime.
See Also: 5 Requirements to Stay Afloat in the SIEM Storm
Organizations should look closely at their DNS traffic to ensure they’re filtering out potentially harmful requests that could lead to unsafe services, he says. They also should run their own recursive resolvers – which sit in between authoritative name servers and clients and help to keep the internet more resilient. In fact, he’s joked that if he was hit by a truck, his family would probably chisel "run your own recursive name server" on his headstone.
Many large internet companies, such as Google, Cisco’s OpenDNS and Cloudflare, now offer their own DNS resolution services. Vixie says that while the topic of recursive name servers is “boring as sand on the beach,” organizations should run their own because there are risks in centralization.
“That makes everything about the internet more resilient and probably safer and more private,” Vixie says. “We should not have taken something that was this important and moved it further and further away. There’s nothing about the average home network that can’t tolerate an extra recursive name server.”
In this video interview with Information Security Media Group, Vixie discusses:
- Why there are likely to be major security incidents affecting core internet infrastructure;
- Why making security improvements to DNS poses challenges;
- How organizations can use DNS to improve their defenses against cybercrime and fraud.
Vixie is CEO of Farsight Security, which focuses on DNS solutions. For more than a decade, he was the maintainer of BIND, a popular open source DNS software system. He’s an international speaker who has testified before the U.S. Congress, and he was inducted into the Internet Hall of Fame in 2014.