HARD-DNS: Highly-Available Redundantly-Distributed DNS
The DNS or Domain Name System is a critical piece of the Internet infrastructure. In recent times there have been numerous attacks on DNS, the Kaminsky attack being one of the more insidious ones. Current solutions to the problem involve patching the DNS software (Bind) and/or using DNSSEC. Unfortunately, these are forklift upgrades of the DNS infrastructure and are not always feasible especially in sensitive and critical installations. The authors propose and develop the architecture for HARD-DNS - a turn-key bolt-on solution with no client-side change.