Comcast has been testing and advocating for the widespread adoption of DNS Security extensions (DNSSEC) as it heps prevent hackers from injecting false information – otherwise known as DNS poising – that can re-direct a user to a fake Web site. According to the story on DNS Zone, this protection is essential to secure domains as well as validate them.
“The company plans to implement DNSSEC for the websites managed by Comcast, including comcast.com, comcast.net and xfinity.com, by the first quarter of 2011, if not sooner. Comcast will then set out to implement DNSSEC validation for all customers by the end of 2011. One message it aims to deliver to customers is the fact they will need to do nothing other than enjoy enhanced security.
“‘If you don’t want to wait until 2011, you can participate in our DNSSEC customer trial, which starts today,’ said Griffiths. ‘Opt-in by changing your DNS server IP addresses to 22.214.171.124 and 126.96.36.199 (we’ll be adding IPv6 addresses soon). The servers supporting this are deployed nationally in the same locations as our other DNS servers that millions of customers use everyday.’