Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security

cyber

Almost every activity on the Internet starts with a DNS query, a key function of the Internet that works as an Internet’s directory where your device looks up for the server IP addresses after you enter a human-readable web address (e.g., thehackernews.com).

Since DNS queries are sent in clear text over UDP or TCP without encryption, the information can reveal not only what websites an individual visits but is also vulnerable to spoofing attacks.

To address these problems, Google announced Wednesday that its Public DNS (Domain Name System) service finally supports DNS-over-TLS security protocol, which means that the DNS queries and responses will be communicated over TLS-encrypted TCP connections.

The DNS-over-TLS has been designed to make it harder for man-in-the-middle attackers to manipulate the DNS query or eavesdrop on your Internet connection.

Launched over eight years ago, Google Public DNS, at IP addresses 8.8.8.8 and 8.8.4.4, is world’s largest public Domain Name Service recursive resolver that most people prefer instead of using default DNS services from their ISPs or carriers.

The search engine giant also says that it implemented the DNS-over-TLS specification along with the RFC 7766 recommendations to minimize the overhead of using TLS, which include support for:

  • TLS 1.3 for improved security and faster connections
  • TCP fast open
  • Pipelining of multiple queries
  • Out-of-order responses over a single connection to its public DNS server

Source: https://thehackernews.com/2019/01/google-dns-over-tls-security.html

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Next Post

New Systemd Privilege Escalation Flaws Affect Most Linux Distributions

Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. The vulnerabilities, assigned as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, actually resides in the “systemd-journald” […]