IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

EU agency takes on DNS flaw

ENISA is looking at system security extensions as one way of strengthening the security of servers handling IP addresses.

The European Network and Information Security Agency (ENISA) has said it is looking at three different measures to bolster the security of the net's addressing system.

The agency, whose job it is to advise the European Union (EU) on public IT and communication security issues, said it was investigating new security measures in response to recently uncovered flaws in the internet's Domain Name Systems (DNS).

The flaws, first identified by security researcher Dan Kaminsky, were proven to be able to poison the servers that translate domain names into internet protocol (IP) addresses, with the potential to infect user PCs with malicious code or intercept and edit email.

ENISA said it is looking into three standard technologies to combat the flaws. They include Multiprotocol Label Switching (MPLS ), IPv6 and Domain Name System Security Extensions (DNSSEC).

DNSSEC, for example, is a set of DNS extensions that provide origin authentication of DNS data, data integrity and authenticated denial of existence. DNSSEC protects internet servers from domain name system attacks, e.g. DNS cache poisoning by malicious users. ENISA said several European Country Code Top Level Domain Registries have already adopted the use of DNSSEC and are actively participating in the agency's activities.

The agency added that it was looking at the potential of all three technologies to help improve the resilience, availability and integrity of the internet. It is also working with regulators, policy makers, network operators, network equipment vendors and academia to establish best practice approaches to tackling the flaws.

The agency is taking stock of existing policies and regulations used locally, across EU Member States, by operators through a series of interviews.

And, to assess the effectiveness of any potential fix and identify potential problems or gaps that arise with those fixes that could compromise the availability of networks and services, the agency will analyse the operator input, in direct consultation with all leading stakeholders, in order to develop EU guidelines.

"The recent spotlight in the news on DNS vulnerabilities and attacks highlights the importance and relevance of ENISA's work on improving the resilience of public communications, vital for European e-government and ultimately, e-business," said Andrea Pirotti, ENISA's executive director.

The final results of the agency's research will be presented at a "Resilience of Public e-Communication Networks" workshop that will take place in Brussels in November.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022