By Kevin Murphy
13th April 2010
Internet users face the risk of losing their internet connections on 5
May when the domain name system switches over to a new, more secure
While the vast majority of users are expected to endure the transition
to DNSSEC smoothly, users behind badly designed or poorly configured
firewalls, or those subscribing to dodgy ISPs could find themselves
DNSSEC adds digital signatures to normal DNS queries, substantially
reducing the risk of falling victim to man-in-the-middle attacks such as
the Kaminsky exploit, which caused widespread panic in July 2008.
The standard is currently being rolled out cautiously to the internet's
DNS root servers. In May, when all 13 roots are signed, anybody with an
incompatible firewall or ISP will know about it, because they won't be
able to find websites or send email.
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!