Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC

Tony40 Member

'You don't have to do more than that to disconnect an entire network' El Reg told as patches emerge

A single packet can exhaust the processing capacity of a vulnerable DNS server, effectively disabling the machine, by exploiting a 20-plus-year-old design flaw in the DNSSEC specification.

That would make it trivial to take down a DNSSEC-validating DNS resolver that has yet to be patched, upsetting all the clients relying on that service and making it seem as though websites and apps were offline.

The academics who found this flaw – associated with the German National Research Center for Applied Cybersecurity (ATHENE) in Darmstadt – claimed DNS server software makers briefed about the vulnerability described it as "the worst attack on DNS ever discovered."

What is DNSSEC?

DNS servers are used by web browsers and other software to turn human-friendly domain names like theregister.com into machine-friendly IP addresses to connect to. DNS servers are run by all sorts of organizations, from IT departments to home ISPs. DNS is insecure because it sends queries and responses over networks in plain text, allowing that data to be potentially altered by snoops to direct people's connections to malicious systems.

DNSSEC, aka Domain Name System Security Extensions, is an upgrade for DNS in that it uses cryptography to help ensure the results of queries aren't tampered with by miscreants. A DNSSEC-validating DNS resolver uses DNSSEC to perform this more secure form of DNS resolution.

Identified by Professor Haya Schulmann and Niklas Vogel of the Goethe University Frankfurt ....

https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
