cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
DHerrmann
Contributor II

DNS Flag Day - February 1, 2019

I've been hearing quite a bit about DNS Flag Day - February 1, 2019. 

 

Good article:  https://www.tripwire.com/state-of-security/security-awareness/dns-flag-day-dns-doomsday/

 

This doesn't seem to have gotten a lot of press, and I'm a wee bit concerned that some of may be caught off-guard on the 1st.

 

Thanks for looking...

3 Replies
Shannon
Community Champion

 

I couldn't find much on that either, save the blogs, forums and some news sites. There was a lot of discussion on it here, but so far as authoritative sources go, there was just ISC's site & nothing on that of ITEF or ICANN.

 

The regulatory authorities here usually alert us to things like malware attacks, system vulnerabilities, our sites being blacklisted, and so on. Related to DNS there was the Root Zone KSK Rollover last year & recently, DNS Hijacking attacks in this area, but so far nothing about DNS Flag Day.

 

I guess I'll send them an inquiry, coz I would need more information before responding to something like this...

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Shannon
Community Champion

 

I didn't give this much thought after the last post, having been plagued with other issues, such as DNS Hijacking and other attacks on our organization. But just yesterday, one of the regulatory authorities here send us an alert about this, which simply stated the basics, and provided 2 URLs to check your domain's compliance on.

 

  1. https://ednscomp.isc.org/ednscomp
  2. http://dnsviz.net/

I'd earlier used the 1st one, but the 2nd provides better results. They usually provide recommendations to fix the issues, but there were none  this time, so I'll assume they don't know if there'll be much of an impact or have decided it's negligible.

 

Our DNS server doesn't use EDNS, so I'll leave it that way until there's more info from them or we otherwise see a significant impact...

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz