DNSSec Works for Consumers, Almost

Every since I found heard about Dan Kaminsky’s research on flaws in DNS in 2008 I have been looking forward to the industry’s response, DNSSEC (Domain Name System Security Extensions). Unfortunately DNSSEC required an end-to-end solution from the root DNS servers to ISP servers to routers to operating systems to browsers. Parts have been working for awhile like my ISP’s DNS server. Finally this weekend with some beta software from my home router my dream of seeing DNSSEC for consumers has been completed.

My Verizon’s DNS server supports DNSSEC (note that as of today not all of Verizon’s servers are supporting DNSSEC). My Asatro router has implemented DNSSEC. Firefox and Windows 8 support it. With the help of the Firefox DNSSEC validator plug in you can see in the screenshot below the validation that Symantec’s website is the real site and could not have been spoofed by a DNS exploit. Yeah!

Now its time for Cisco/Linksys, Netgear, D-Link, etc. to support DNSSEC.

DNSSec in Action

Advertisements

About infoguardianangel
The consumer and corporate information guardian angel. Cybersecurity and privacy advice for my clients (and anyone else who cares about protecting their data or their companies).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: