Browse Prior Art Database

Automated Process to Monitor DNS Changes Over the Internet

IP.com Disclosure Number: IPCOM000183632D
Original Publication Date: 2009-May-29
Included in the Prior Art Database: 2009-May-29
Document File: 2 page(s) / 59K

Publishing Venue

IBM

Abstract

Disclosed is a functionality of a program and process used to validate a high volume of Domain Name Server (DNS) Internet Protocol (IP) and Time-to-Live (TTL) value changes for a list of hostnames and Domain Name Servers across the internet.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 53% of the total text.

Page 1 of 2

Automated Process to Monitor DNS Changes Over the Internet

The big security news in the Summer-2008 has been the discovery by Dan Kaminsky of a serious vulnerability in DNS [1]. This vulnerability could allow an attacker to redirect network clients to alternate servers of his own choosing, presumably for ill ends. This discovery led to an unforeseen rush to patch DNS servers worldwide. There have been many disclosures of how the vulnerability manifests itself, one such disclosure is detailed below.

The purpose and business value of this disclosed process is to quickly and accurately validate the resolution of hostnames and TTL values across a wide number of DNS servers with a simple click of a button verses executing native operating system commands for each and every hostname/DNS combination which is the current process. Current tools and processes available in the market are native operating system commands which operate on a single DNS/hostname basis with complex text as the output. To operate the existing tools, technical resources with the right skills and experience are required, and such are typically limited to execution of the native operating system commands on a single set of parameters making verification across numerous domain name servers cumbersome.

Typically for a disaster recovery (DR) exercise[2], it sometimes becomes necessary, for a large number of applications in such scenarios to change the IP Address of existing hostnames in order to redirect internet traffic from one host system to another transparently. In some instances such redirection of internet traffic from one host system to others in multiple re...