ThreatTalk episode 3
DNS security best practices
Want to radically improve cybersecurity? Enable DNSSEC—by default. That may sound a bit self-serving, coming from a cybersecurity company. But that wasn’t our suggestion. It comes from Matt Larson, VP of Research at ICANN.
That’s just one of the research nuggets Matt shares with us in this episode of the ThreatTalk podcast. Join us as he touches on a range of urgent cybersecurity topics, including:
- The value of completely separating recursive DNS servers from authoritative servers
- DNSSEC validation
- DNS cache poisoning
- DNS security best practices
Cricket Liu, Chief DNS Architect, Infoblox
Cricket is one of the world’s leading experts on the Domain Name System (DNS), and serves as the liaison between Infoblox and the DNS community. Before joining Infoblox, he founded an Internet consulting and training company, Acme Byte & Wire, after running the hp.com domain at Hewlett-Packard. Cricket is a prolific speaker and author, having written a number of books including “DNS and BIND,” one of the most widely used references in the field, now in its fifth edition.
Matt Larson, Vice President of Research, ICANN
Matt Larson is Vice President of Research in the Office of the CTO at ICANN. Previously he was Chief Technology Officer at Dyn, an Internet performance company and the world’s leading managed DNS provider. Prior to that he was Vice President and Director of Verisign Labs at Verisign, which operates some of the largest domain name registries in the world (including .com, currently clocking in at well over 100 million names). He’s a co-author, with Cricket, of DNS on Windows Server 2003, published by O’Reilly Media.