Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management

Using DNS Data for Cybercrime Intelligence

DNS Pioneer Paul Vixie on Running Your Own Recursive Resolver
Paul Vixie, CEO, Farsight Security

Paul Vixie is one of the engineers who designed the original protocols for the Domain Name System, or DNS. He says DNS, which translates domain names into IP addresses, provides a rich source of data that can help organizations defend themselves against cybercrime.

See Also: Live Webinar | Adversary Analysis of Ransomware Trends

Organizations should look closely at their DNS traffic to ensure they’re filtering out potentially harmful requests that could lead to unsafe services, he says. They also should run their own recursive resolvers – which sit in between authoritative name servers and clients and help to keep the internet more resilient. In fact, he’s joked that if he was hit by a truck, his family would probably chisel "run your own recursive name server" on his headstone.

Many large internet companies, such as Google, Cisco’s OpenDNS and Cloudflare, now offer their own DNS resolution services. Vixie says that while the topic of recursive name servers is “boring as sand on the beach,” organizations should run their own because there are risks in centralization.

“That makes everything about the internet more resilient and probably safer and more private,” Vixie says. “We should not have taken something that was this important and moved it further and further away. There’s nothing about the average home network that can’t tolerate an extra recursive name server.”

In this video interview with Information Security Media Group, Vixie discusses:

  • Why there are likely to be major security incidents affecting core internet infrastructure;
  • Why making security improvements to DNS poses challenges;
  • How organizations can use DNS to improve their defenses against cybercrime and fraud.

Vixie is CEO of Farsight Security, which focuses on DNS solutions. For more than a decade, he was the maintainer of BIND, a popular open source DNS software system. He’s an international speaker who has testified before the U.S. Congress, and he was inducted into the Internet Hall of Fame in 2014.

About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.