The security risks of domain name hijacking and attacks on the DNS are often overlooked by IT administrators. An analysis of the DNS and domain name portfolios in Canada reveals serious security vulnerabilities. The Canadian Internet Registration Authority (CIRA) tracks and monitors Internet technology trends, supports a strong local IXP network, and provides technology for research networks to help members protect their online presence. This talk will begin by providing a brief overview of domain name and DNS security risks before delving more deeply to help administrators understand how domain names are hijacked and how the DNS is being exploited by hackers. It will discuss common tools bad actors use to hijack domain names or DDoS the DNS to bring down websites and embarrass target organizations.
We will also present the results of a comparative analysis on the authoritative DNS of BCNET members including common configuration errors and opportunities to optimize the DNS that are being used by ORION, ACORN and Cybera in Canada. It will help administrators understand the technology that can be used to help combat most attacks. Including:
- Detail the best practices for securing a domain name portfolio and preventing domain name hijacking
- An analysis of typical DNS configurations that we have seen across Canadian institutions and their associated risks
- Describe a method for strengthening the DNS using Anycast technology
- Case studies from recent attacks, describe how they were mitigated, and how they could have been avoided altogether.
Mark Gaudet
Product Manager, The Canadian Internet Registration Authority