Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/9/2010
12:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Afilias Improves Security For .IN Domain With DNSSEC

DNSSEC protects the DNS from cache-poisoning exploits

NEW DELHI – 9 November 2010 – Afilias, a global provider of Internet infrastructure services, today announced that it has enabled Domain Name System Security Extensions (DNSSEC) for the .IN country code top-level domain (TLD) for the country of India, improving global security for this domain which houses over 700,000 .IN domains. .IN was officially signed on November 4, 2010 and its Delegation Signer (DS) records are expected to be entered into the DNS Root by the Internet Assigned Numbers Authority (IANA) shortly, allowing the .IN zone to be validated using DNSSEC.

“Afilias has been a leader in DNSSEC deployment, and is proud to provide this state-of–the-art level of security for the .IN domain,” said Ram Mohan, Executive Vice President and Chief Technology Officer for Afilias. “Afilias has now secured more top-level domains with DNSSEC than any other registry provider. DNSSEC is a critical step forward for India and serves as a foundation to ensure that the .IN TLD remains among the most secure domains in the world.”

DNSSEC protects the DNS from cache poisoning exploits which can allow malicious entities to intercept an Internet users’ request to access a website, and redirect or eavesdrop on the user without their knowledge, and with no ability to reassert control. DNSSEC introduces digital signatures to the DNS infrastructure and automatically ensures that users are not hijacked and taken to an unintended destination.

“Security is a key priority for India and we are pleased to be among the leaders taking the initiative to support the adoption of DNSSEC,” said Mr. Ravi Shanker, Chief Executive Officer for the National Internet Exchange of India (NIXI), the .IN registry operator. “Our efforts in working with Afilias to improve .IN’s security illustrate our commitment to enhance India’s sovereign space on the Web and improve the value it provides to Internet users around the world.”

Afilias completed the largest registry DNSSEC deployment on behalf of the Public Interest Registry when it enabled DNSSEC for .ORG in 2009-2010. The signing of the .IN domain represents the tenth top-level domain (TLD) that Afilias has secured with DNSSEC. These signing efforts are part of Afilias’ “Project Safeguard” initiative, which will rollout DNSSEC across its registry and DNS platforms.

Once the DS records are entered into the root, Afilias will activate a “friends and family” period that will allow the public to gain experience with a select group of .IN second level domain names that have also been signed. About Afilias

Afilias is a global provider of Internet infrastructure services that connect people to their data. Afilias’ reliable, secure, scalable, and globally available technology supports a wide range of applications including Internet domain registry services, Managed DNS, and services in the RFID and supply chain market with its Afilias Discovery Services. For more information on Afilias please visit www.afilias.info.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27187
PUBLISHED: 2020-10-26
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related command...
CVE-2020-7752
PUBLISHED: 2020-10-26
This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.
CVE-2020-7127
PUBLISHED: 2020-10-26
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-7196
PUBLISHED: 2020-10-26
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the ur...
CVE-2020-7197
PUBLISHED: 2020-10-26
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* U...