Presentation is loading. Please wait.

Presentation is loading. Please wait.

(An Anti-Abuse Perspective)

Published byJewel McCormick Modified over 8 years ago

Similar presentations

Presentation on theme: "(An Anti-Abuse Perspective)"— Presentation transcript:

1 (An Anti-Abuse Perspective)
DNS Fundamentals (An Anti-Abuse Perspective) Carlos Álvarez, IS-SSR Team | Steve Conte , Office of the CTO 18 May 2016

2 Domain Name System 1 Resolution Process 2 Registration Process 3
Internet Identifiers Structure and Resolution Resolution Process Parties Involved Registration Whois 2 Registration Process 3 Why all this matters: Anti-Abuse

3 DNS: Internet Identifiers
MAC, IP, Domains

4 SLD – Second Level Domain
DNS: Structure and Resolution string.tld. “.” edu org club biz ar any isoc icann gacweb whois root – “.” TLD – “.org.” 2nd Level – “icann.org.” 3rd Level – “gacweb.icann.org.” Top Level Domain SLD – Second Level Domain 4

5 DNS: Structure and Resolution
string.tld. m.root-servers.net a0.org.afilias-nst.info ns1.icann.org dns.icann.org 1 2 3 4 5 6 7 8 5

6 DNS: Registration Process
Who does what? 6

7 DNS: Registration Process
<command> <create> SRS (market competition) / EPP Availability check / response Provision of account information and WHOIS Registrar receives, adds to own DB, forwards to Registry Registry adds entry in its zone 7

8 DNS: WHOIS Registration Info Postal address, email, phone, fax
Timestamps, statuses, name servers Accuracy Validation, i.e. s in RFC5322, phone numbers in ITU-T E.164, postal addresses in UPU or S42 format template Verification: Registrant or Account Holder or telephone requiring affirmative response Contacts: Registrant, Admin Contact, Tech Contact, Billing Contact 8

9 DNS: Why all this matters
Anti-Abuse 9

10 DNS: Why all this matters
Anti-Abuse Some hot topics regarding abuse of registration services: Resellers: Identified by Registrar? Responsive? Privacy/Proxy services: Relay/Reveal Compliance with RAA abuse provisions: Review and Respond Suspension/cancellation of malicious domains? DNS Sinkholing? Not enough data or false positive? Domain Generation Algorithms: Automated! Threats: Botnet command and control Malware distribution Phishing/pharming 10

11 DNS: Why all this matters
Anti-Abuse Some hot topics regarding abuse of resolution services: m.root-servers.net a0.org.afilias-nst.info ns1.icann.org dns.icann.org 1 2 3 4 5 6 7 8 DNS Hijacking / Cache Poisoning 11

12 x DNS: Why all this matters
Anti-Abuse Some hot topics regarding abuse of resolution services: x DNS Servers (ISPs, own) Victim Reflection+Amplification=DDoS 12

13 ICANN One World. One Internet

14 Engage with ICANN Questions?
/ @isitreallysafe twitter.com/icann gplus.to/icann facebook.com/icannorg weibo.com/ICANNorg linkedin.com/company/icann flickr.com/photos/icann youtube.com/user/icannnews slideshare.net/icannpresentations

Download ppt "(An Anti-Abuse Perspective)"

Similar presentations

IANA TLD Zone Inspection Shanghai, China Louis Touton 29 October 2002.

IANA TLD Zone Inspection Shanghai, China Louis Touton 29 October 2002.
© 2003 Public Interest Registry Whois Workshop Registrant/User Classification & Current Practices Panel Presented by Bruce W. Beckwith VP, Operations October.

© 2003 Public Interest Registry Whois Workshop Registrant/User Classification & Current Practices Panel Presented by Bruce W. Beckwith VP, Operations October.
Internationalizing WHOIS Preliminary Approaches for Discussion Internationalized Registration Data Working Group ICANN Meeting, Brussels, Belgium Jeremy.

Internationalizing WHOIS Preliminary Approaches for Discussion Internationalized Registration Data Working Group ICANN Meeting, Brussels, Belgium Jeremy.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
ICANN SSAC, Cairo Nov 2008 Page 1 Summary of Fast Flux Dave Piscitello ICANN SSAC.

ICANN SSAC, Cairo Nov 2008 Page 1 Summary of Fast Flux Dave Piscitello ICANN SSAC.
Enum is a Domain Name Tom McGarry NeuStar 571-434-5570

Enum is a Domain Name Tom McGarry NeuStar
.gy ccTLD.gy ccTLD Managed by the University of Guyana, on behalf of the Government of Guyana and ICANN.

.gy ccTLD.gy ccTLD Managed by the University of Guyana, on behalf of the Government of Guyana and ICANN.
Kuala Lumpur 24 July 2004 ICANN/ITU workshop Framing ccTLD relations Linking global and national responsibilities.

Kuala Lumpur 24 July 2004 ICANN/ITU workshop Framing ccTLD relations Linking global and national responsibilities.
© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.

© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.
A Next Generation Registration Directory Service (RDS) EWG Briefing for the IETF by Chris Disspain Monday Nov 4, 2013.

A Next Generation Registration Directory Service (RDS) EWG Briefing for the IETF by Chris Disspain Monday Nov 4, 2013.
.| The Trusted Channel Centric Marketplace Domain Name Transfers & Domain Delegation.

.| The Trusted Channel Centric Marketplace Domain Name Transfers & Domain Delegation.
SGNIC’s Measures Against Domain Name Abuses 26 August 2011 Lim Choon Sai General Manager (SGNIC)

SGNIC’s Measures Against Domain Name Abuses 26 August 2011 Lim Choon Sai General Manager (SGNIC)
Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.

Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.
Welcome to IANA Activities Update Elise Gerich | APRICOT 2015 | 4 March 2015.

Welcome to IANA Activities Update Elise Gerich | APRICOT 2015 | 4 March 2015.
IANA Activities Update Jean-Jacques Sahel | RIPE 70 Amsterdam| 15 May 2015.

IANA Activities Update Jean-Jacques Sahel | RIPE 70 Amsterdam| 15 May 2015.
CPSC 441: DNS1 Instructor: Anirban Mahanti Office: ICT 745 Class Location: ICT 121 Lectures: MWF 12:00 – 12:50 Notes derived.

CPSC 441: DNS1 Instructor: Anirban Mahanti Office: ICT Class Location: ICT 121 Lectures: MWF 12:00 – 12:50 Notes derived.
DNS Ecosystem Caitlin Tubergen - Juan Carlos Namis | Webinar

DNS Ecosystem Caitlin Tubergen - Juan Carlos Namis | Webinar
Intro to Computer Networks DNS (Domain Name System) Bob Bradley The University of Tennessee at Martin.

Intro to Computer Networks DNS (Domain Name System) Bob Bradley The University of Tennessee at Martin.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
Text #ICANN51. Text #ICANN51 15 October 2014 At-large policy round table Holly Raiche Panel 1: Privacy and Proxy 1000 – 1045 Hrs.

Text #ICANN51. Text #ICANN51 15 October 2014 At-large policy round table Holly Raiche Panel 1: Privacy and Proxy 1000 – 1045 Hrs.

Similar presentations

Ads by Google