June 26, 2003 -- (WEB HOST INDUSTRY REVIEW) -- According to the inventor of the domain name system, the next generation of DNS development will focus upon the growth of IP computing and future applications.
"In the next five years, I expect to see a dramatic increase in the number of ways in which the DNS is used, reaching far beyond what we have seen in the past twenty," said Dr. Paul Mockapetris, in an exclusive interview with the Web Host Industry Review. "New applications such as intentional domain names, IP telephony, and the need for implementing digital signature standards such as the IP Security Protocol will dominate the DNS agenda."
Dr. Mockapetris made the prediction as the domain name system reached its twentieth year of operation. The first use of the DNS took place on June 23, 1983 at the University of Southern California School of Engineering's Information Sciences Institute (ISI).
Dr. Mockapetris and the late Dr. Jonathan Postel, a director at ISI, recognized the need for a global database of computer names and collaborated on the system as part of a pre-Internet project.
Twenty years later, DNS has become quite central to the Internet's operation. All Internet users depend on DNS every time they access a Web URL or send an e-mail message, because the system translates words into the numbers needed to locate Internet resources.
As the world's largest and busiest distributed database, the DNS handles billions of requests every day and was the first proof that database replication could be invisible and reliable on a global scale.
With every e-mail message sent or URL viewed, a request is made to multiple name servers scattered all over the globe. Today, enterprises depend on Dr. Mockapetris' invention to keep their online business operations running without interruption.
Dr. Mockapetris now continues to improve DNS technology at Nominum (nominum.com), a provider of IP address infrastructure software for enterprises that require reliable and secure DNS, DHCP and IP address management. He does so in order to recognize his five-year vision of the continuing development of the dmoain name system.
"Our goal is to build tools that allow the technology to disappear into the background," states Dr. Mockapetris. "We specialize in DNS and DHCP and create servers that are unmatched in security and performance."
The Nominum Foundation ANS, for example, is a dedicated authoritative name server used where DNS scalability, availability, and manageability are most critical. Top level domain (TLD) operators, large enterprises, and service providers with strict service-level obligations usually leverage it to eliminate unwanted downtime required to refresh data; to shield internal DNS servers; to lower memory consumption; and to protect against DNS spoofing attacks.
Nominum also offers caching server software that reduces capital expenditures by allowing a single hardware server to handle the DNS traffic that otherwise would require multiple servers.
The firm has also spearheaded the development of a leading tool, entitled Nominum DNS Response Validator (DRV), for eliminating vulnerabilities related to the domain name system.
"This tool acts as a filter that you can put at the edge of a network that will kill poison-type attacks," states Dr. Mockapetris. By poison attacks, Mockapertis means attacks, in which "hackers" construct bad data that acts to cause buffer overflows, thereby crippling Web server services.
In such incidences, an attacker attempts to bend messages, such as e-mail, as to trigger DNS look-up sessions that may crash a server. As the industry's first DNS armed guard, DRV blocks potential attacks on this well-identified network vulnerability in business applications running on UNIX systems.
According to Nominum, DRV is the only plug and play solution to this type of potential attack. The vulnerability affects the most common version of the DNS "stub resolver library." This is the first DNS vulnerability that leaves applications open to attack instead of the DNS server itself - a much larger and richer target for hackers.
Nominum DRV sits at the perimeter of the enterprise network and provides a transparent barrier securing applications from malicious DNS responses. It is an appliance product that can be installed without affecting applications or local caching name servers.
Another innovative set of products that Nominum focuses upon which can enrich a service provider's performance is its Dynamic Configuration Server. The Foundation Dynamic Configuration Server (DCS) is a highly scalable, enhanced DHCP server.
The Dynamic Host Configuration Protocol automatically assigns IP addresses and other network settings as computers attach to an IP network. This reduces the effort and cost of managing large networks with mobile users and constant change. Foundation DCS enhances these basic capabilities with on-the-fly reconfiguration and policy-based administration, offering cost-effective management for large, business-critical networks.
"Any organization with a large number of people managing data needs to be empowered," said Dr. Mockapetris. "Our product allows system administrators to fix problems that they are solely responsible for. Usually the problem with such applications as DHCP is that they can either do too little or too much. Our application allows for the delegation of a specific range of IP addresses to specific system administrators so that they only control their office's environment."
This application is therefore extremely useful for enterprises with decentralized office locations looking to add or remove network resources. The firm also provides wizard-driven software for re-numbering IP addresses, which can result when service providers merge or change networks.
Due to the advantageous products and services Nominum offers, a wide range of enterprises and network operators and providers are customers. The company also provides service providers with highly valued consulting services, through its staff of industry innovators, which includes people responsible for the creation and development of network information centers.
"We understand the fundaments behind the technology and hence can address complex problems within the IP addressing space."
