Are You Ready for DNSSEC?

With time getting away from me this evening due to a huge deluge of work that needs my attention, I will simply leave you with something to consider for the next 24 hours.

Something called DNSSEC (DNS Security) will come online on 5th May which will authenticate DNS responses with digital certificates. Unfortunately, this has a side effect of increasing the size of a DNS response and some modems will have issues allowing DNSSEC to work as they only ever expected less than 512 bytes in response.

One thing to check is if your modem and/or router has a DNS proxy or cache option. If it does, you would be wise to disable it (apart from the fact that routers are usually slower than a dedicated DNS that your ISP would provide especially with their limited RAM and CPU). So long as your ISP has got their DNS up to scratch you should be fine.

I’ll delve more into why DNSSEC is important tomorrow.

P.S. I hate how the letter “C” is right near the letter “X”, it makes typing DNSSEC and InfoSec rather humiliating if you are trying in a hurry and fail to correct the error.

1 ping

  1. […] This post was mentioned on Twitter by Boyd Chan. Boyd Chan said: Boydo's Tech Talk Update: Are You Ready for DNSSEC? ( #in #boydo #DNS #DNSSEC […]

Leave a Reply

Your email address will not be published.