Network managers are being urged to run a series of checks on their routers and firewalls to ensure their users will still be able to connect to the internet in the wake of a major change to the internet’s domain name system this week.
On May 5, the world’s top domain authorities, led by the Internet Corporation for Assigned Names and Numbers (ICANN), the US Government and VeriSign, will complete the first phase of the roll-out of Domain Name System Security Extensions(DNSSEC) across the Internet’s 13 root servers.
Root servers directly answer Internet requests for records in the top level of the Internet naming hierarchy and answers other requests returning a list of the designated servers for top-level domains such as .zw the Zimbabwean top level domain. In simple terms, the 13 root servers sun the core system of identification of websites on the Internet.
DNSSEC was developed in an attempt to thwart ‘man in the middle’ attacks, in which hackers intercept a request and respond with a message that fools the user system into going to a false location.
But the new protocol – much welcomed by the industry – could have an unfortunate side effect for unprepared network managers.
A number of unprepared organisations or those that use old boundary devices may start experiencing internet access issues, and a number of network administrators will be left scratching their heads as to why. To complicate the scenario further, most administrators and ICT managers may not know what has gone wrong.
So we hope Zimbabwean ISPs and Organisations are prepared for these changes to ensure we will not have any Internet blackouts.