[dns-operations] Reminder: DNS Operations meeting on Friday (fwd)

Wed May 31 07:03:34 UTC 2006

A reminder that you must RSVP to rsvp-workshop at nominum.com before noon 
(PDT) on Thursday (6/1) if you plan to attend the DNS meeting on Friday. 
We need to provide your name and email address to Cisco ahead of time so 
that they can prepare a badge and guest wireless hotspot access for all 
attendees.

The agenda along with directions to get to the meeting physically or 
online are attached.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: guesthotspotnew_leaflets.pdf
Type: application/octet-stream
Size: 99143 bytes
Desc: guesthotspotnew_leaflets.pdf
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20060531/9463737b/attachment.obj>
-------------- next part --------------
What:  DNS Operations meeting
Master of Ceremonies: Keith Mitchell of ISC

When:  Friday, June 02, 2006 9:30 AM - 5:00 PM 

Where: Darling Conference Room, 
       Cisco Systems, Inc. Building C 150 W. Tasman Drive
       408-526-8001 (main bldg phone)

Lobby hours for Building C are 7:30am - 5:00pm. There is parking in
front of the building.

Map Directions:
http://maps.yahoo.com/;_ylc=X3oDMTExNmIycG51BF9TAzI3MTYxNDkEc2VjA2ZwLWJ1dHRvbgRzbGsDbGluaw--
http://www.google.com/maphp?hl=en&tab=wl&q=driving%20directions

Here is the information on the Wireless Guest Spot:
Guest System Requirements
Guests visiting a hotspot enabled Cisco site need to use a computing
device with the following capabilities:

A laptop or PDA with 802.11b capabilities
Auto-detect WLAN settings (some connections require WLAN SSID set to
guestnet with no encryption)
Standard Web browser with proxy turned off
Current anti-virus software installed
Note: To simplify login, encryption has been disabled. It is highly
recommended that guests use VPN or SSH to encrypt their traffic

PDF attached on Cisco Guest Spot.

For those of you who will not be able to make it physically to the
meeting, Cisco is providing Audio and Web Conference capability:

Call MeetingPlace:
Toll-free (US only): 1-866-633-8639
Toll-free (Canada only): 1-866-676-3381 International Direct Dial:
1-650-260-9030 Press 1 to attend a meeting Enter meeting ID (087030)
followed by the # key Follow the prompts to join the audio conference
Meeting ID # 087030

TEST YOUR BROWSER TODAY OR THE DAY BEFORE THE MEETING

Visit (http://denali2.meetingplace.net) if you have not done so before,
to test your web browser you will use in the meeting for compatibility
with the web conference. Click on the "Browser Test" link at the bottom
of the page to run the test.  Turn off any pop-up stoppers, and click on
the "START" the inspection now button on the bottom of the screen. This
will inform you of any problems you might encounter.

Attend a MeetingPlace Web Conference

 Go to http://denali2.meetingplace.net

Enter meeting ID (087030) and click ATTEND MEETING Enter your name in
the "My name is" box and click Attend Meeting Click Yes to any Java
warnings

----------------------------------------------------------------------

General Interest 9:30 - 11:00
-----------------------------
9:30 - 10:00
  Title: CoDoNS and DHT round table
  Presenter:  David Ulevitch, EveryDNS

    Where do groups like ICANN then fit in?  What about the
    root-servers and the TLDs?  There is a lot to discuss and more
    questions than answers.  While the CoDoNS emails a week or two
    back spawned most of this discussion the focus will be more
    general about the impending changes to the DNS and what they could
    mean.

10:00 - 10:20
  Title: Community Response to Inter-network Abuse
  Presenter: Rick Wesson

    Identifying abuse on your network is hard. It frequently involves
    another another network, and most customers are unaware they are
    compromised. The talk will cover ways to address these issues.

10:20 - 10:40
  Title: Building Global Content-Distribution Networks
  Presenter: Bill Woodcock (woody at pch.net)

    Bill Woodcock will discuss his experiences and architectural
    principles in building several generations of global-scale
    content-delivery networks, in the DNS, file-sharing, web content,
    and streaming media spaces. This talk will emphasize anycast and
    topological load-distribution techniques, and address physical
    infrastructure deployment issues.

10:40 - 11:00
  Title: The IDN Experience
  Presenter: Sebastian E. Castro Avila <secastro at nic.cl>

    Last September, .CL enabled IDN domain registration. This talk
    will cover the load, the pattern of registration, use of IDN at
    the DNS level and other details.

11:00 - 11:30 Break

New releases 11:30 - 12:30
------------------------
11:30 - 12:00
  Title: What's new in BIND 9.4.0?
  Presenter: somebody from ISC

12:00 - 12:30
Title: NSD, Version 3
Presenter: Olaf M. Kolkman <olaf at NLnetLabs.nl>

   NSD is an authoritative only, high performance, simple and open
   source name server. This presentation features and overview of the
   history, the design philosophy, the architecture and a peek under
   the hood of the forthcoming version 3.

12:30 - 1:30 Lunch

Monitoring and measuring name servers 1:30 - 2:50
---------------------------------------------------
1:30 - 1:50
  Title: DNS monitoring tools
  Presenters: David Ulevitch <davidu at everydns.net>, 
	      Sebastian E. Castro Avila <secastro at nic.cl>

    A demo and overview of some tools for monitoring authoritative DNS
    servers and discovering trends.  Includes an overview of tools
    used by .CL for real-time DNS monitoring: dnstop+RRD

1:50 - 2:10
  Title: Netperf4 
  Presenter: Rick Jones <rick.jones2 at hp.com>

    Netperf4 is the synchronized, multiple system, multiple
    connection, multiple thread version of the venerable netperf (aka
    netperf2) benchmark.  If you like, you can think of netperf4 as
    the "eierlegende wollmilchsau" netperf :) With the multiple-mumble
    design philosophy leaning more towards system-level benchmarking,
    netperf4 is intended as a complement to, rather than a replacement
    for netperf2.

2:10 - 2:30
  Title: An Automated Incident Response System Using BIND Query Logs 
  Presenter: John Kristoff <jtk at ultradns.net>

    At Northwestern University we built on top of an existing network
    status and incident management system by incorporating the use of
    BIND query logs as an input source of data.  Using a blacklist of
    domain names that have been identified as servicing botnets as the
    locator for a command and control point, we setup a process to
    monitor queries on the institution's primary name servers to watch
    for accesses to these names.  Using a set of Perl scripts and a
    simple sampling function we were able to issue timely alerts for a
    subset of suspect hosts to local administrators with a very low
    rate of false positives.  This talk will discuss the history,
    implementation details and challenges of the system, which was
    recently shutdown after being run for a little over year in
    production.

2:30 - 2:50
  Duane Wessels <wessels at packet-pushers.com> 
  Title: Finding Open Resolvers

    Open DNS resolvers may be considered a threat to Internet security
    because they increase the possibility of cache poisoning, and have
    been used in large-scale DDoS attacks.  This talk explains our
    technique for probing DNS resolvers for openness, how we find
    resolvers to probe, and what our probes have uncovered.

2:50 - 3:20 Break

Operational challenges for TLD name servers 3:20 - 4:00
-------------------------------------------------------
3:20 - 3:40
  Title: Placement of TLD name servers and DNS reliability
  Presenter: Steve Gibbard (scg at gibbard.org)

    The domain name system, without which most Internet applications
    don't work, depends on reliable access to DNS information. Failure
    scenarios therefore exist where two Internet hosts may have
    connectivity to each other, but can't communicate because they
    lack a path to a DNS server in another location. A talk at last
    May's NANOG touched on this problem in the general case. This talk
    will look at the DNS in greater detail, and how the placement of
    DNS servers for various top level domains affects their
    reliability in different parts of the world.

3:40 - 4:00
  Title: Challenges of deploying anycast servers
  Presenter: Sebastian E. Castro Avila <secastro at nic.cl>

    This talk will cover the challenges of deploying anycast on a
    incorrectly organized national network (we've deployed anycast for
    .CL and a F-root replica, and we suffered trying to get it right)
    as well as the right placement for anycast servers. It will
    include a methodology used to find the right place (topologically
    speaking) for .CL anycasted nameservers along with some data and
    some preliminary conclusions.

4:00 - 4:20
   Title: Anatomy of Recent DNS Reflector Attacks From the Victim and
	  Reflector Points of View
   Presenter: Matt Larson (for Frank Scalzo)

     During January and February of 2006, the Internet saw a
     significant distributed denial-of-service attack that used open
     recursive name servers as reflectors.  VeriSign's infrastructure
     was attacked and we also had access to a recursive server that
     was used as a reflector.  Based on these experiences, we
     documented and analyzed the attack from the victim and reflector
     points of view.  This talk will describe the attack in some
     detail and discuss ways to mitigate future similar attacks.

DNSSEC 4:20 - 5:00
------------------
4:20 - 4:40
  Title: What's going on with DLV? 
  Presenter: somebody from ISC

4:40 - 5:00
  Title: DNSSEC deployment
  Presenter: Russ Mundy <mundy at sparta.com>

    A discussion of the issues around DNSSEC deployment.