Search results for tag #dns
After what appears like a key roll that went wrong at an EU based registrar or DNS hoster a few weeks ago, it seems that .SE now has a consistent group of domains with CDS records out of sync with the parent zone.
#dns #dnssec
https://kalfeher.com/analysis/cds-charts/#6-mismatch-between-cds-and-ds-records-per-tld
@timbray , about "Canadian Shield", I feel I ought to plot a middle course between praising CIRA for providing something helpful, and mild criticism for their misleading description and apparent proprietary codebase. So:
CIRA have given to the world a seemingly nice filtering DNS proxy, to block requests to malicious Web sites known to Canadian Centre for Cyber Security ("CCCS"). It fits into various OSes as router/other-computer system-level software or as a Web browser extension.
It is not, as claimed on cira.ca/en/canadian-shield/, a "DNS resolver", nor, as claimed elsewhere on that site and linked pages, a "DNS server".
It is also apparently not open source or even source-available, as far as I can tell, and its source of truth, the filtering data, is apparently neither controllable nor visible to the user, but rather gets blackbox-oursourced to the presumably benevolent folks at CCCS, who furnish judgement about what DNS FQDNs your Web browser(s) should be permitted to resolve.
It would be boorish to gripe about any of that, but (a) an open source implementation with crowd-source friendly blocklists would be even better, and (b) I was slightly disappointed that it isn't a DNS resolver, particularly one of the full-featured subvariety called "recursive resolvers".
Now, there actually are a number of amazing, bulletproof, no-administration-needed recursive resolvers,some tiny enough to even make sense as the local DNS client on smartphones. I don't know if any have been made to work on smartphone OSes, but they should be: Knot Resolver, Deadwood, Unbound, PowerDNS Recursor, and dnscache. (See my bestiary for Linux: http://linuxmafia.com/faq/Network_Other/dns-servers.html )
I mention those in case any smartphone coders wish to fill what is probably an unmet need.
(Disclaimer: I haven't much looked into filtering DNS proxy software. Not my cuppa.)
If you missed this:
KrebsonSecurity: Cloudflare Scrubs Aisuru Botnet from Top Domains List https://krebsonsecurity.com/2025/11/cloudflare-scrubs-aisuru-botnet-from-top-domains-list/ @briankrebs #Cloudflare #infosec #IoT #DNS
If you could ask the creator of #dns anything, what would you ask??
(I have a friend who IS actually conducting this interview and asked me)
My new PowerDNS Cluster (HA) went online. Fancy Galera Backend, neafty auto-ZSK rollover, good Monitoring.
Easy to use with WebUI.
WUB IT! 💓
@pgl We had a discussion about this a few months ago with @jpmens @paulehoffman and @winfried : you are a bit early as we concluded #DNS Day should be Nov. 24!
See: https://infosec.exchange/@paulehoffman/114534984238271460
And: https://github.com/ietf-tools/datatracker/issues/8910 (for a copy of the original Toot by @jpmens )
Still, it would be nice to do something fun on that particular day!
It's finally happened! I watched a movie (circa 2000) with a domain name that's now available.
Anyone else play this game?
Весь мой вчерашний и позавчерашний день, в борьбе с Unbound , DNS-over-TLS , #letsencrypt, AppArmor и, естественно , Linux.
Alt...
#unbound опять не запускается
Alt...
#AppArmor мешает #unbound читать сертификаты #letsencrypt