As the holiday season is now upon us, I’d like to take this opportunity to thank everyone who has visited this blog during 2007. In June, the number of visitors took off big time and our annualized runrate during the last 6 months has exceeded the one-million milestone. In my view, this confirms that the approach we have chosen has some appeal to it – after all, one way or the other, nearly everything I have been going on about here relates back to Nixu Software.

In 2008, we will continue to serve the networking community through this blog. Additionally, we are going to launch a new online service in February-March timeframe that we hope will become a valuable asset to the networking community. Best of all, it’s going to be free. So do tune in in 2008 for more!

Meanwhile, I wish you and your loved ones happy holidays and a prosperous 2008!

For those of you who haven’t visited Infoworld’s website today, they’ve just published an interesting article titled DNS attack could signal Phishing 2.0. To provide you with a quick recap, the piece describes how open recursive DNS servers are used by criminals to provide end-users with false name to IP resolution. In real terms, this means that by typing in www.nixusoftware.com on your browser you might end up somewhere else entirely. Apparently, there are some 68,000 downright malicious recursive DNS servers out there (0,4% of total) and another 300,000+ (2% of total) servers that give out “questionable” results, so it’s not a small problem we’re talking about here.

As we all know, there’s no such thing as free lunch – not even on the Internet. Think about it: if you travelled to a foreign country and needed directions, you wouldn’t necessarily trust any old lurker hiding away in a dark alley, right? Rather, you would perhaps walk to the closest bookstore and buy yourself your own map. Or in this day and age, you would buy a new electronic map and download it on your GPS handset. Either way, this same principle can be applied to navigating the Internet – it may not always be the best of ideas to trust strangers.

Rather, there are two basic things you can do to secure your organization from threats such as Phishing 2.0 described in this article. As the first step, you should make sure that the clients hooked on to your network are properly secured – I’m sure the Symantecs of the world are more than happy to tell you how to get this done. The second step you should take is to set up your own, properly secured recursive DNS server and configure it so that it only allows recursion from trusted clients (or domains or IP address ranges). This way, you are self-sufficient as far as DNS recursion is concerned and do not have to trust stranger’s advice.

The easiest and the most inexpensive way to install your own recursive DNS server is to download Nixu Secure Name Server (SNS) and set it up as a dedicated caching DNS server for your organization. Nixu SNS is DNS software appliance that auto-installs on x86 boxes and virtualization platforms emulating x86 environment in just 10 minutes. It hardens the server automatically at the install and provides you with secure preconfigurations to make sure your server is only available to those you trust. Pretty simple, really.