Highly - Available Redundantly - Distributed DNS
نویسندگان
چکیده
The DNS or Domain Name System is a critical piece of the Internet infrastructure. In recent times there have been numerous attacks on DNS, the Kaminsky attack being one of the more insidious ones. Current solutions to the problem involve patching the DNS software (Bind) and/or using DNSSEC. Unfortunately, these are forklift upgrades of the DNS infrastructure and are not always feasible especially in sensitive and critical installations. We propose and develop the architecture for HARD-DNS a turn-key bolt-on solution with no client-side change. We utilize a separate distributed network, HARD-DNS, which is architected for greater resilience to DDoS (Distributed Denial of Service) attacks. We employ quorum techniques to increase tolerance to cache poisoning and we protect the connection between the resolvers and HARD-DNS by a technique we call IP-cloaking. We present theoretical analysis and experimental evaluation to validate the feasibility of our approach.
منابع مشابه
Reducible Complexity in Dns
DNS is one of the most important components of the Internet infrastructure. Unfortunately, it is known to be difficult to implement, and available implementations are difficult to configure correctly. DNS performance and availability often suffer from poor configuration which leads to unavailability or erroneous behavior of distributed systems that depend on DNS. The data structures of DNS are ...
متن کاملOrganization of descending neurons in Drosophila melanogaster.
Neural processing in the brain controls behavior through descending neurons (DNs) - neurons which carry signals from the brain to the spinal cord (or thoracic ganglia in insects). Because DNs arise from multiple circuits in the brain, the numerical simplicity and availability of genetic tools make Drosophila a tractable model for understanding descending motor control. As a first step towards a...
متن کاملWeb pages search engine based on DNS
Search engine is main access to the largest information source in this world, Internet. Now Internet is changing every aspect of our life. Information retrieval service may be its most important services. But for common user, internet search service is still far from our expectation, too many unrelated search results, old information, etc. To solve these problems, a new system, search engine ba...
متن کاملA Bi-Level Optimization Approach for Optimal Operation of Distribution Networks with Retailers and Micro-grids
Distributed energy resources (DERs) including distributed generators (DGs) and controllable loads (CLs) are managed in the form of several microgrids (MGs) in active distributions networks (ADNs) to meet the demand locally. On the other hand, some loads of distribution networks (DNs) can be supplied by retailers which participate in wholesale energy markets. Therefore, there are several decisio...
متن کاملRearchitecting DNS
The Domain Name System (DNS) has been the naming service of the Internet for more than 20 years. It is the foundation of virtually all other distributed service. The deficiencies of DNS with respect to performance, availability, and reliability are well known. We want to systematically improve DNS by (1) measuring DNS performance, (2) evaluating past proposals, and (3) try to come up with a new...
متن کامل