innooo and icon top level domains

Cesidian Root adds two new iTLDs: INNOOO and ICON.
It’s super easy to add a new iTLD of your choosing, and with the real-time modification propagation from UCANN2.net you can easily modify your TLD DNS records and watch in real time as the changes get populated out.

Please see http://whois.search/ for the most up to date whois information regarding any domain name globally.

crt.dist.dns.ucann2 – GONE

Some time ago (July/June 2017), verelox.com had an infrastructure issue in which crt.dist.dns.ucann2 (the public CRT DNS server) was shut down. After a short time, the crt.dist.dns.ucann2 public server was activated; however, network connection failures continued. After some digging into the issue, and many attempts to keep this server constant and up to date, it was determined yesterday (9-12-2017) to shut down the DNS services. Those using the crt.dist.dns.ucann2 server as one of their public resolvers will see some latency until their nameserver configuration can be changed. UCANN2 is in communication and working with CRT to update all servers to use crt2.dist.dns.ucann2 (a server to replace crt.dist.dns.ucann2 at the time of the incident above).

UCANN2’s infrastructure is already operating at peak efficiency, and CRT’s infrastructure is operating as expected, and CRT and UCANN2 continue to monitor all DNS services.
Please see below the new name server IP addresses.

    crt.dist.dns.ucann2

  • IPv4 : 151.80.140.68
  • IPv6 : 2001:41d0:302:2100::8836

Please see the below links to follow up on exactly what happened with the verelox.com infrastructure and services.

https://verelox.com/

New US root servers

Due to unforeseen issues, Cesidian Root (CRT) had an issue with their United States (US) homed servers. We at UCANN2 decided to jump in and lend a helping hand. UCANN2 is proud to announce that we are now an active sponsor of Cesidian Root (CRT). We’ve spun up four clusters around the United States to provide constant, stable and reliable US resolving for CRT. Here are the new servers:

  • US1.root
  • US2.root
  • US3.root
  • US4.root

UCANN2 and CRT have been working around the clock to adjust the configurations of all UCANN2 and CRT DNS servers, and are now proud to announce that all services are operating at 100% and DNS is resolving faster than ever.

You can download the latest named.db from https://www.cesidianroot.eu/downloads.html and the new Server List from https://www.cesidianroot.eu/generic.html

UCANN2 and CRT are always looking for reliable and stable sponsors. If you are able to provide sponsorship, please give us a shout: simply send an email to [email protected] or [email protected]

If you are looking for more from your internet experience, simply change the DNS servers you use to browse the internet. Here are the public DNS servers for you to use. You will not lose anything from your internet experience; however, you gain so much more. Make the change today, and free your internet.

    crt.dist.dns.ucann2 (Netherlands)

  • IPv4 :: 185.143.240.127
  • IPv6 :: 2a07:3980:84:500::9707:9c70

    ucann2.dist.dns.ucann2 (United States)

  • IPv4 :: 192.157.241.252
  • IPv6 :: 2605:f700:c0:1::1089:53ef

Happy Browsing.

Certificates and SSLs

Signed certificates are now being released. With the exclusion of the Inclusive Name Space, our signed certificates are not registered with any KNOWN signing authorities. Given this, we have created our own Certificate Authority (CA), located at http://files.ucann2.net/pub/ssl%20certification%20files/CA%20Root%20crt/cacert.crt . By clicking this link, your browser should download and install the CA into your system as a CA, thus allowing our signed SSL certificates to be valid on your computer. We use above-standard encryption to be ahead of the industry. If you do not install the CA, you will receive a warning that the author of the certificate is unverified, although this is not a concern as we are 100% the ONLY authorized CA as of this writing for Inclusive Name Space.

Once the above CA is installed, AND you are using the Public DNS Servers (https://www.ucann2.org/2017/03/08/public-dns-servers/), you will be able to navigate to the following sites, among others:

  • https://search.whois
  • http://dig.root
  • https://www.files.ucann2/pub

Public DNS Servers

Due to an unforeseen issue, one of the public DNS servers was lost. However, with reliability in mind, we have brought a new server online. This server is now operating at 100% and will continue to operate as long as UCANN2 gets funding…and by this I mean, I continue to earn money at a day job.

The new server is located in the Netherlands, so now the entire structure is spread across the earth.

For anyone polling our public DNS servers, please find the updated information below.

    CRT.dist.dns.ucann2

  • IPv4 :: 185.143.240.127
  • IPv6 :: 2a07:3980:84:500::9707:9c70

    UCANN2.dist.dns.ucann2

  • IPv4 :: 192.157.241.252
  • IPv6 :: 2605:f700:c0:1::1089:53ef

CRT Security UNKNOWN kind of DDoS attack on DNS servers

Today a new type of DDoS has occurred; here is the first of it surfacing. I just received this email from the security offices.

Two of our servers are affected. I am working very hard to find a solution for this new kind of attack.
If anybody finds this kind of attack in the bind log files, please let me know about it immediately.

Here is a description of how this attack acts and works:

Chinese Water Torture: A Slow Drip DNS DDoS Attack

A number of our service provider customers around the world are reporting that they see a new type of denial-of-service attack that is using the DNS as the attack vector. The service providers themselves do not appear to be the target of this attack. Instead, the attack tries to overwhelm an outside victim’s authoritative DNS servers. Once the DNS server is taken down, the victim’s domains will appear to be inaccessible.

As a side effect, our service provider customers are seeing a spike in DNS traffic resulting in increased CPU and memory usage. This blog gives some more details about the attack and suggests what you can do to mitigate the impact of it.

The Attack

It appears that a fairly large botnet is used to send queries for the victim’s domain. Queries are made up, with a random string of up to 16 letters prepended to the victim’s domain, like:

xyuicosic.www.victimdomain.com

A query for this domain is then sent to the service provider’s DNS server. The DNS server attempts to contact the authoritative nameserver to find the answer. If the authoritative nameserver does not reply (because it is too busy responding to queries from DNS servers all over the world, or perhaps has crashed), the DNS server attempts to contact the next authoritative nameserver and so on. Modern DNS servers will make multiple attempts to contact each authoritative nameserver before giving up and responding back to the client with a SERVFAIL response.
The infected client will then repeat the same pattern but this time with another random string prepended, for example:

alkdfasd.www.victimdomain.com

Even though the DNS server was unable to get a response from any of the victimdomain.com authoritative nameservers during the previous query, most DNS servers will still attempt to contact them for this second query.
Now imagine that thousands of bots are sending a relatively small number of queries for such made-up subdomains. This will trigger a large increase in the number of DNS queries sent by the service provider’s DNS servers to the victim’s nameservers.

How to Detect the Attack

While this attack most likely is targeting the authoritative servers for victimdomain.com, it also puts an increased CPU load on the DNS server by forcing it to continually initiate recursive queries and also consumes large amounts of resolver memory resources. More importantly, if the internal resolver resources are fully consumed, the resolver may drop any inbound queries, including queries from legitimate clients.

If the DNS server’s behavior is being monitored, the symptoms of the attack will also show up as:

  • Increased CPU utilization
  • Increased number of SERVFAIL responses
  • Increased number of outbound queries and retransmissions
  • Increased query latency
  • Increased number of dropped client queries (if the resolver resources are fully consumed)

One thing all of the victim domains have in common is that they appear to be Chinese sites, perhaps gaming or gambling sites.
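
One way to look for the query pattern described above in resolver query logs, as an added example that is not part of the original post or the quoted article. The log line shape is an assumption modelled on BIND's query logging, the sample lines are constructed, and the function names and thresholds (min_unique, min_ratio) are illustrative.

```python
import re
from collections import defaultdict

# Assumed querylog shape (constructed to resemble BIND's "queries" category):
#   ... client <ip>#<port> (<qname>): query: <qname> IN <type> ...
QUERY_RE = re.compile(r"client (?:@\S+ )?([0-9A-Fa-f.:]+)#\d+ .*?query: (\S+) IN \S+")

def parse_queries(lines):
    """Yield (client_ip, qname) for every line that matches the query pattern."""
    for line in lines:
        m = QUERY_RE.search(line)
        if m:
            yield m.group(1), m.group(2).lower().rstrip(".")

def find_random_subdomain_floods(lines, min_unique=5, min_ratio=0.9):
    """Report parent names hit by many one-off, letters-only labels (<= 16 chars)."""
    labels, clients, total = defaultdict(set), defaultdict(set), defaultdict(int)
    for ip, qname in parse_queries(lines):
        first, _, parent = qname.partition(".")
        if "." not in parent:          # skip TLD-level and single-label names
            continue
        total[parent] += 1
        if first.isascii() and first.isalpha() and len(first) <= 16:
            labels[parent].add(first)
            clients[parent].add(ip)
    report = {}
    for parent, seen in labels.items():
        # Nearly every query carrying a never-repeated label is the signature.
        if len(seen) >= min_unique and len(seen) / total[parent] >= min_ratio:
            report[parent] = {"unique_labels": len(seen),
                              "queries": total[parent],
                              "clients": len(clients[parent])}
    return report

# Constructed sample log: six bot-style queries plus two ordinary lookups.
BOT_LABELS = ["xyuicosic", "alkdfasd", "qpwoeirut", "mznxbcvl", "hgjfkdls", "trewqasd"]
SAMPLE_LOG = [
    f"01-Jan-2020 10:15:0{i}.000 queries: info: client 192.0.2.{10 + i}#5321{i} "
    f"({lab}.www.victimdomain.com): query: {lab}.www.victimdomain.com IN A + (203.0.113.1)"
    for i, lab in enumerate(BOT_LABELS)
] + [
    "01-Jan-2020 10:15:07.000 queries: info: client 198.51.100.7#40000 "
    "(www.example.org): query: www.example.org IN A + (203.0.113.1)",
    "01-Jan-2020 10:15:08.000 queries: info: client 198.51.100.7#40001 "
    "(mail.example.org): query: mail.example.org IN MX + (203.0.113.1)",
]

if __name__ == "__main__":
    for parent, stats in find_random_subdomain_floods(SAMPLE_LOG).items():
        print(parent, stats)
```

On a production resolver the thresholds need to be far higher and evaluated per time window; a flagged parent name is then worth correlating with the SERVFAIL and retransmission counters listed above.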