Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Too many times over the last few weeks, you heard that the real answer to all the DNS problems is DNSSEC. I decided to give it a try, and signed the zone. DNSSEC is not exactly used very widely, and it is very possible that we will be running into some problems. If you experience any issues, please let us know (via ;-) ). For most users, this will not change anything. It only matters if your resolver or your web browser actually verifies DNSSEC signature. Expect a few changes to our zone while I experiment.

"Experimenting" with a production setup isnt exactly ideal. But there is always On the other hand, many of the aspects of DNSSEC just can't easily be simulated in a lab.

Johannes B. Ullrich, Ph.D.
SANS Technology Institute

I will be teaching next: Intrusion Detection In-Depth - SANS Doha March 2022


4351 Posts
ISC Handler
Aug 14th 2008

Sign Up for Free or Log In to start participating in the conversation!