The internet's root servers have been made more secure as a result of the addition of domain name system security extensions (DNSSEC).
These extensions make it more likely that when a web page is returned to a user, the right web page is returned rather than one posing as the requested page. The aim is to protect organisations and consumers from imitation e-commerce sites or banking log-in pages. These are often used by hackers to harvest personal information or banking details.
Further reading
DNSSEC works by adding further secure data to the domain name which means that the verification process is more likely to return matches that are identical to the original request - and that the match has not been tampered with while in transit.
Root servers are the core of the internet's global addressing system, they translate web addresses from text format (for example www.google.com) into Internet Protocol (IP) addresses, used to route network traffic to the correct website.
Internet technical community organisations and vendors have worked with the bodies responsible for the root server infrastructure, Internet Corporation for Assigned Names and Numbers (ICANN) and the US Department of Commerce.
VeriSign senior VP and CTO Ken Silva said that the collaborative, industry-wide effort to protect consumers and organisations from hackers who target DNS data, marked a decisive step forward.
"DNSSEC is designed to protect the DNS from 'man in the middle' and cache poisoning attacks, which can occur when hackers corrupt DNS data stored on recursive servers to redirect queries to malicious sites," said Silva.
"Poisoning a recursive server's cache is much more difficult with DNSSEC because DNS administrators sign their data [using keys]," added Silva.
A significant driver for this rollout was the disclosure of weaknesses in DNS by security researcher Dan Kaminsky two years ago.
To complement root servers being secured with DNSSEC, the large top-level domains (TLDs) will need DNSSEC applied to their infrastructure. The .org registry is currently the only one set up for DNSSEC.
Have your say on this article
Newsletters
Latest stories from Security Technology
Latest videos
You may also like
Security Technology jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
