Publishing zone scan data using an open data portal Sebastian Castro OARC Workshop Montreal – Oct 2015.

Slides:



Advertisements
Similar presentations
State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.
Advertisements

DNS Transfers in DNSSEC world Olafur Gudmundsson Steve Crocker Shinkuro, Inc.
Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.
Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
Internet Identity For All.my ccTLD IPv6 Update By Lai Heng Choong Head of Application, Database and Security.my DOMAIN REGISTRY APTLD Member Meeting, 1.
APNIC Member Services George Kuo. MyAPNIC 2 What is MyAPNIC A secure Member services website Internet resources management, for example: –Whois updates.
Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.
IANA Status Update ARIN XXVI meeting, Atlanta Barbara Roseman October 2010.
Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.
Survey of DNSSEC Lutz Donnerhacke DNSSEC Meeting ( )
1 SecSpider: Distributed DNSSEC Monitoring Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.
Impact of Configuration Errors on DNS Robustness Vasileios Pappas, Zhiguo Xu, Songwu Lu, Daniel Massey, Andreas Terzis, Lixia Zhang SIGCOMM 2004 Presented.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.
Domain Name System ( DNS )  DNS is the system that provides name to address mapping for the internet.
Technical Area Report Bryon Ellacott, Technical Area Manager APNIC 28.
11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
DNS Workbench Update DNS-OARC Workshop Phoenix, Arizona, USA Sat Oct 5, Jelte Jansen, Antoin Verschuren.
GIS Application in Firewall Security Log Visualization Juliana Lo.
TELE 301 Lecture 11: DNS 1 Overview Last Lecture –Scheduled tasks and log management This Lecture –DNS Next Lecture –Address assignment (DHCP)
Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.
CSUF Chapter 6 1. Computer Networks: Domain Name System 2.
IIT Indore © Neminath Hubballi
Technical Area Report Byron Ellacott Technical Area Manager.
Petrozavodsk State University, Alex Moschevikin, 2003NET TECHNOLOGIES Domain Name System HISTORY File hosts (the size of Internet became more than 1000.
Test cases for domain checks – a step towards a best practice Mats Dufberg,.SE Sandoche Balakrichenan, AFNIC.
Measuring and Monitoring Registry Performance.nz.
Chapter 17 Domain Name System
APNIC Status Report RIPE 45 Barcelona May The APNIC Region Ref
APNIC Update RIPE 59 October Overview APNIC Services Update APNIC 28 policy outcomes APNIC Members and Stakeholder Survey Next APNIC Meetings.
APNIC Update ARIN XXVI 8 October 2010 Geoff Huston Chief Scientist, APNIC.
CIS 450 – Network Security Chapter 3 – Information Gathering.
October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.
DNS Security Pacific IT Pros Nov. 5, Topics DoS Attacks on DNS Servers DoS Attacks by DNS Servers Poisoning DNS Records Monitoring DNS Traffic Leakage.
APNIC Update AfriNIC 12 May 2010 Sanjaya Services Director, APNIC.
Regional Internet Registries Statistics & Activities IETF 55 Atlanta Prepared By APNIC, ARIN, LACNIC, RIPE NCC.
Technical Area Report Byron Ellacott Technical Area Manager.
1 TWNIC Update Sheng Wei Kuo, TWNIC NIR SIG, 28 th APNIC OPM.
Status report on Lame Delegations (work in progress) George Michaelson DB SIG APNIC17/APRICOT 2004 Feb KL, Malaysia.
Kenya Network Information Centre (KENIC). Introduction KENIC is the registry for the.KE ccTLD. Local and non-profit organization Mandate is to Manage.
1 Windows 2008 Configuring Server Roles and Services.
U.S. General Services Administration Office of Governmentwide Policy GSA EXPO May 4, 2010 Lee Ellis U.S. General Services Administration Office of Governmentwide.
Domain Name System (DNS). DNS Server Service Overview of Domain Name System What Is a Domain Namespace? Standards for DNS Naming.
.LV today and tomorrow Katrīna Sataki, NIC.LV Riga, 19 April 2013.
Measuring DNSSEC Use Geoff Huston APNIC Labs. We all know…
AU, March 2, DNSSEC, APNIC, & how EPP might play a Role Ed Lewis DNS SIG APNIC 21.
1 Discussion of the new DNS generation system DNS Operations SIG APNIC 18 2nd September 2004, Fiji.
* Agenda  What is the DNS ?  Poisoning the cache  Short term solution  Long term solution.
Security in DNS(DNSSEC) Yalda Edalat Pramodh Pallapothu.
Happy Eyeballs for the DNS Geoff Huston, George Michaelson APNIC Labs October 2015.
Leo vegoda. APNIC 14, 3–6 Sept. 2002, Kitakyushu, Japan. 1 RIPE NCC Status Report at APNIC 14 Looking forward to winter…
DNS Security Extension 1. Implication of Kaminsky Attack Dramatically reduces the complexity and increases the effectiveness of DNS cache poisoning –No.
DNSSEC – Issues and Achievements Geoff Huston APNIC Labs.
1 Lame delegation status report DNS Operations SIG APNIC , Hanoi.
CNNIC UPDATE NIR SIG, 26 th APNIC, Christchurch, New Zealand.
Building Trust with Anchors Eric Osterweil Dan Massey Lixia Zhang 1.
APNIC Update RIPE November 2010 Rome, Italy Geoff Huston Chief Scientist, APNIC.
Services Area Report Sanjaya Services Area Director.
Aug 2008 KRNIC of NIDA KRNIC Updates.
DNS Cache Poisoning (pretending to be the authoritative zone) ns.example.co m Webserver ( ) DNS Caching Server Client I want to access
DNS Removals - Changing a TLD server‘s address - Peter Koch OARC DNS Operational Meeting Ottawa, 25-SEP-2008.
APNIC DNSSEC deployment considerations APNIC 23, Bali George Michaelson R&D Officer APNIC.
Internet infrastructure 1. Infrastructure Security r User expectations  Reliable service  Reliable endpoints – although we know of spoofing and phishing.
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY IT375 Window Enterprise Administration Course Name – IT Introduction to Network Security Instructor.
Monitoring, analyzing and cleaning DNS configuration errors across European NRENs Slavko Gajin University of Belgrade, Serbia
Monitoring, analyzing and cleaning DNS configuration errors across European NRENs Slavko Gajin University of Belgrade, Serbia
Using Digital Signature with DNS. DNS structure Virtually every application uses the Domain Name System (DNS). DNS database maps: –Name to IP address.
Implementation of ARIN's Lame DNS Delegation Policy
Lame DNS Server Sweeping
Presentation transcript:

Publishing zone scan data using an open data portal Sebastian Castro OARC Workshop Montreal – Oct 2015

NZRS is an InternetNZ company Provider of: Critical Internet infrastructure Authoritative Internet data Embracing open data Helping NZ ecosystem to provide arguments with data Enabling a new generation of research Motivation October 2015 Publishing zone scan data using an open data portal 2

Started on Aug 2013 Runs monthly Governed by policy and-web-scanninghttps://nzrs.net.nz/dns/zone- and-web-scanning Based on a fork from dnscheck DNS tests for configuration correctness + data gathering Zone scan October 2015 Publishing zone scan data using an open data portal 3

Notable examples Domain is broken, lame, has mail server Name server status Answers UDP, TCP, recursion, AXFR DNSSEC Signed domains, signed delegations, DNSKEY algorithms Web server, mail server, name server addresses Both v4 and v6 Zone scan October 2015 Publishing zone scan data using an open data portal 4

TTL distributions NS RRset, MX RRset, “web” RRset Geolocation of services Name servers, Web servers, Mail servers Zone scan October 2015 Publishing zone scan data using an open data portal 5

Cloud mail services market October 2015 Publishing zone scan data using an open data portal 6

Collect data about “new” technologies DANE, SPF, DKIM Improve some of the collections DNSKEY key length Update the software Give zonemaster a try Zone scan future October 2015 Publishing zone scan data using an open data portal 7

Cloud solution provided by Socrata Our efforts to support Internet research and share data openly Two datasets at the moment.nz zone scan.nz registration data Aggregated and anonimized Internet Data Portal October 2015 Publishing zone scan data using an open data portal 8

.nz Zone Scan Data Set Zone scan visual explorer IDP - Examples October 2015 Publishing zone scan data using an open data portal 9

Domain level errors Errors/2cqk-jxpt Name servers errors Nameserver-Errors/g8c6-rp3v DNSSEC Status DNSSEC/jd96-epec IPv6 adoption 4eiq IDP - Examples October 2015 Publishing zone scan data using an open data portal 10

DNSKEY algorithms algorithms/ari3-y5bk TTL distribution sample TTL-Sample-/98tk-cy6dhttps://idp.nz/Domain-Names/-nz-Zone-Scan- TTL-Sample-/98tk-cy6d IDP - Examples October 2015 Publishing zone scan data using an open data portal 11

Data is available for others to use For example, server geo-location dashboard Server geo-location animation Interactive map for-nz-using-open-data/ IDP – Potential uses October 2015 Publishing zone scan data using an open data portal 12

More datasets Aggregated from.nz DNS traffic Thanks SIDN for the inspiration DNSSEC and IPv6 adoption for NZ from APNIC Thanks Geoff! String analysis of the registry Levenshtein Portfolios Word segmentation and tagging External visualizations using the data IDP - Future October 2015 Publishing zone scan data using an open data portal 13

Contact:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.