Monday, October 31, 2011

IDNA security concerns

During my recent webinar of October 25th regarding IPv6 and internationalized domain names (IDNs), I promised to post a few links on my blog regarding security considerations when deploying IDNA. These security concerns stem primarily from homographs, where characters are visually identical but have in fact different unicode and therefore IDN representations.

The issue that may arise is that a link may appear "legitimate" or intended by a user but the IDNA-translated URL may result in a DNS lookup mapping to an attacker's DNS zone file which could result in phishing and similar attacks. This of course is not an issue unique to IDNA as it occurs on a daily basis within the Latin alphabetic representation in DNS. Attackers publish links that substitute "1" for "l" or "0" for "O", etc. or outright misspell otherwise familiar words or company names. But IDNA adds an additional layer of obscurity as homographs will be indistinguishable to the otherwise careful reader.

Here are some links on the topic for details:
If you'd like to view a replay of the webinar or any of those within the IPv6 webinar series, please navigate here and you will have access to all webinars within the series as they are completed and posted.

Monday, October 17, 2011

IPv6 webinar series - Session 1

Beginning next week, I'll be conducting a series of five webinars with the help of gotomeeting, focused on IPv6. Actually the first webinar in the series touches on IPv6 though it focuses primarily on IDNs, internationalized domain names. I decided to offer this IDN/IPv6 webinar as the first in the series since it introduces IPv6 and provides a context for IPv6 especially for IT managers in North America, namely to facilitate continued web presence for Asia users. IDN is another evolving IPAM-related technology that can ease the usability or navigation to your sites for Asia-based users among others. Following are the planned dates and topics for the IPv6 webinar series:

Webinar TopicDate and Time
IDNs and IPv6: Enhancing your Asia presenceTuesday, October 25, 2011, 12-1pm EDT
Introduction to IPv6Thursday, October 27, 2011, 12-1pm EDT
IPv6 deployment checklistTuesday, November 1, 2011, 12-1pm EDT
Configuring DNS for a dual stack networkThursday, November 3, 2011, 12-1pm EDT
DHCPv6: features and comparison with DHCPv4Tuesday, November 8, 2011, 12-1pm EST

The first webinar, IDNs and IPv6: Enhancing your Asia presence will discuss the following. The rate of broadband and wireless services deployments in the Eastern hemisphere far exceed those in the West. With this Internet access proliferation into broader, less technical segments of these populations, it behooves organizations to assure Internet reachability and simplify navigation to their web resources. This webinar will discuss how implementation of IPv6 and international domain names (IDNs) can help achieve these objectives. Register here.

For more information about the series and topics to be discussed in other webinars, I'll be blogging about that later, or you can see the short answer here.