CNNC expert analysis Baidu paralysis event call attention to domain security

January 13th morning news, according to Baidu domain name hijacking fault 11 hours, CNNIC assistant director Qi Lin said today to Sina Technology, from the CNNIC tracking data, DNS security was related to the accident and the analysis of the outside world, should cause reflection is the domain of security problem.

Qi Lin said that from the analytical data currently displayed by the baidu.com, the Baidu fault due to its domain name Name Server (hereinafter referred to as "NS") is modified, the NS function is decided on domain name parsing by which DNS server, NS modified to return the wrong DNS record of course will cause access error.

and this important NS record is maintained by domain name registration service provider.

data show that the baidu.com domain name registration service provider is the United States register.com. Qi Lin believes that according to the analysis of the current situation, the emergence of NS tampering with the accident may be the domain name baidu.com account theft in register.com, or register.com system is invaded.

for some condemnation of Baidu’s voice, Qi Lin believes that there is no responsibility in the event of Baidu. This is the responsibility of the domain name registration service provider register.com above, because they do not have a good system security protection for baidu.com account protection is not very high security level."

Qi Lin pointed out that this also reflects the domain name registration service provider for outbound China Internet companies lack of attention. "Baidu is a well-known search engine in China, if the domain name is registered in China, the network service providers will have a high degree of attention. While foreign registrants may not be aware of the importance of Baidu to Chinese users."

Another disadvantage of

is that the domain name is registered by the overseas registrar is that due to the presence of time difference and geographical segmentation, it is not easy to deal with an emergency. Qi Lin believes that this is one of the reasons for the resumption of Baidu’s visit took longer.

talked about the lessons of this incident, Qi Lin gives three suggestions.

first, important domestic enterprise network users should try to use the domestic domain name registration services, because the domestic service provider for domestic security important enterprise network protection level is higher, after qq.com from overseas to domestic is a case.

second, CNNIC suggested that Internet companies try to apply.CN domain name. CN domain name registration authority is located in Beijing, when an emergency occurs, contact and processing speed will be relatively fast. And for the protection of the focus of the CN domain name, its NS records have a high frequency of focus on monitoring, monitoring is modified, can greatly reduce the probability of the occurrence of the Baidu event. Even if malicious tampering, CNNIC 7*24 hours of technical support can also be a short time

Leave a comment