August 26th afternoon, China’s first "China status of domain name service and security report" released today, the report shows the current domain name server Chinese total of nearly one million, of which more than 50% of the domain name server is relatively safe, and important information system Chinese 57% DNS risk.
reported that 57% important domain name deposit risk
report data show that the 57% domain name resolution services in the state of risk, of which 11.8% of the domain name due to improper configuration management, at a higher risk. At the same time, China’s recursive domain name server (with the ability to deal with the recursive query function of the domain name server) was DNS hijacked the possibility of 4 times the world average.
for the current domain name service system security risks, Chinese Internet Network Information Center (CNNIC) director Mao Wei said that the domain name service includes two categories, one is the domain name registration service usually said, the other one is the domain name security service, and in the process of using the domain name security operation becomes more and more important, but the this has not been enough attention.
report data show that from August 2009 to August 2010 a year, the world’s largest domain name attacks up to 20. China has experienced a storm because of the domain name attacks, resulting in a large area of the country off network events. In early 2010, Baidu has also been hijacked domain name, the site can not access the accident, which has brought huge losses to businesses and users.
experts call attention to operational safety
, the domain name system including the root domain name service, domain name service, DNS top authority and recursive domain name service four levels, both by ICANN and professional domain name registration and management agencies to provide operational support and maintenance operation, safety aspects of these two guarantees, the vast domain safety accident hit most appear in the domain name service authority and recursive domain name service system.
report noted that more than 20 of the global domain name security incidents, 16 occurred in the authority of the domain name service system and recursive domain name service. The main reason is the server two many links, decentralized management, limited scale, maintenance personnel technical level is uneven, there is no uniform standard, storm and Baidu in the event of attacks from the level of the domain name.
industry and information communication safeguard bureau relevant leaders said, to regulate the domain name service industry, enhance the safety factor of the domain name service, the urgent need to establish a neutral, skilled and orderly management of the third party to provide domain name security service. Enterprises can outsource their own domain name security services to professional third party service.
for the implementation of this scheme, the North Long net and the combination of CNNIC and development of the 9 industry standards related to the domain name domain name, domain name, security operation, technical requirements of IPv6 network domain name DNS request chain of each part, of which two safety standard has received the Ministry of industry and information technology approval, can solve the operation safety >