Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management

Using DNS Data for Cybercrime Intelligence

DNS Pioneer Paul Vixie on Running Your Own Recursive Resolver
Paul Vixie, CEO, Farsight Security

Paul Vixie is one of the engineers who designed the original protocols for the Domain Name System, or DNS. He says DNS, which translates domain names into IP addresses, provides a rich source of data that can help organizations defend themselves against cybercrime.

See Also: Live Discussion | The Toll of Identity Sprawl in the Complex Enterprise

Organizations should look closely at their DNS traffic to ensure they’re filtering out potentially harmful requests that could lead to unsafe services, he says. They also should run their own recursive resolvers – which sit in between authoritative name servers and clients and help to keep the internet more resilient. In fact, he’s joked that if he was hit by a truck, his family would probably chisel "run your own recursive name server" on his headstone.

Many large internet companies, such as Google, Cisco’s OpenDNS and Cloudflare, now offer their own DNS resolution services. Vixie says that while the topic of recursive name servers is “boring as sand on the beach,” organizations should run their own because there are risks in centralization.

“That makes everything about the internet more resilient and probably safer and more private,” Vixie says. “We should not have taken something that was this important and moved it further and further away. There’s nothing about the average home network that can’t tolerate an extra recursive name server.”

In this video interview with Information Security Media Group, Vixie discusses:

  • Why there are likely to be major security incidents affecting core internet infrastructure;
  • Why making security improvements to DNS poses challenges;
  • How organizations can use DNS to improve their defenses against cybercrime and fraud.

Vixie is CEO of Farsight Security, which focuses on DNS solutions. For more than a decade, he was the maintainer of BIND, a popular open source DNS software system. He’s an international speaker who has testified before the U.S. Congress, and he was inducted into the Internet Hall of Fame in 2014.

About the Author

Jeremy Kirk

Jeremy Kirk

Managing Editor, Security and Technology, ISMG

Kirk is a veteran journalist who has reported from more than a dozen countries. Based in Sydney, he is Managing Editor for Security and Technology for Information Security Media Group. Prior to ISMG, he worked from London and Sydney covering computer security and privacy for International Data Group. Further back, he covered military affairs from Seoul, South Korea, and general assignment news for his hometown paper in Illinois.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.