It has been a few weeks since the final version of Knot DNS 2.0 came out. While it’s still fresh, I would like to explain our motivation for this new major version and also to summarize the most important changes included in this significant release.
IETF 93 in figures
Last week Prague (and our Association together with the Brocade company) hosted the IETF 93 summit. You might have read about the functioning of this community at Root.cz, in the article (in Czech language only) by Ladislav Lhotka from our labs. The same server wrote (in Czech language only) also about Edward Snowden’s (virtual) participation in the summit.
CSIRT tools
No larger team can work with one data source and one incident management system today(at least we don’t know such team yet). That’s why every team is engaged in the development of their own tools or at least their own upgrade for already existing tools.
Knot DNS recursive weekly, July 24th 2015
IETF93 – prefetching and predictions – more cwrap – validating signatures
Knot DNS recursive weekly, July 15th 2015
I/O improvements – documenting – validation – Happy Eyeballs
Who’s poking at our Turris SSH honeypot
The Turris SSH honeypots are definitely not idle. There are currently 168 active honeypots that daily record 1000 to 2000 and on some days even up to 5000 SSH sessions containing at least one command.
Knot DNS recursive weekly, Blocking queries for fun and profit
A short tutorial on how to block DNS slow-drip attack with kresd.
Knot DNS recursive weekly, July 6th 2015
iced coffee, testing library, starting DNSSEC validation, prefetching queries, namebenching
Overview of multiplatform password managers
The news about LastPass hack broke recently. If the user had strong password, the password is not brute-forcable. However dictionary passwords along with passwords that are guessable with mutation and Markov chains can be broken up to length of 12 characters on one GPU even though LastPass’s key derivation function (KDF) using 100000 iterations. This means that if the attacker can crack user’s simple password, the attacker can download the encrypted blob containing passwords from LastPass and use the cracked password to decrypt them. The weakest link here is the password strength.
Making of Knot DNS Resolver
A storified tale of how we’re baking a modern resolver the hard way. Ingredients included.