Don DeBolt, director of threat research, CA Technologies
January 03, 2011
Threat of the month

Threat of the month: P2P DNS

P2P DNS

What is it?
P2P DNS is the latest proposal for an alternative Domain Name System (DNS) service, one that strives to replace ICANN as the authority.  The concept is not new but has gained momentum recently.  


How does it work?
The basic premise is to decentralize DNS records  across nodes of a peer-to-peer (P2P) network, whereby each node would be able to resolve domain names without the need to contact the root DNS servers controlled by ICANN. The primary objective is to eliminate government control over the root domain servers. This has the potential to be a disruptive force and increase exposure to threats.

How can I prevent it?
P2P DNS does not yet exist. However, it is something we must be prepared to address. DNS resolution is a powerful security control that relies on trust in ICANN. Many corporations, ISPs and security products use DNS filters to protect against unauthorized content. Control over which DNS services are used can be aided through egress filtering and host level policy.

From the January 2011 Issue of SCMagazine »
Similar Articles

More in Features

Behind the scenes: Privacy and data-mining

Behind the scenes: Privacy and data-mining

With data-mining firms harvesting personal information from online activity, privacy advocates, if not yet consumers, are alarmed, reports James Hale.

The great divide: Reforming the CFAA

The great divide: Reforming the CFAA

Aaron Swartz's death inspired Rep. Zoe Lofgren to want to reform the federal anti-hacking law, but some security pros worry this would sterilize a potent enforcement weapon, reports Dan Kaplan.

Suspect everything: Advanced threats in the network

Suspect everything: Advanced threats in the network

Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.