What is the key to marketing to college students?

Location. Location. Location.  A recent report from Neustar examining how to market to today’s college students drives this message home, finding that targeting students by campus increases reach, conversions and sales.

The report, “College Students: Moving Off-Campus and Online,” finds that college students are plugged into their mobile devices, favoring smart phones, tablets and laptops over desktops and televisions. Collegians are also less campus-bound, spending only 30 percent of their time at school, thanks in part to the growth of online classes.  For these reasons, marketers need to extend their college marketing efforts beyond the usual tactics of campus ambassador programs (think student-union kiosks). Smart marketers target advertising to tablet-toting students who spend more time on Instagram than the college library.

Be Online and Relevant

The best way to integrate brands into college life: be online and be relevant. Location is key to the latter, according to the findings. Targeting banner ads by campus via IP geolocation lets marketers speak directly to specific audiences. Banners work even better when IP data is overlaid with predictive attributes such as brand and product propensities. The best practice is an integrated campaign, executed both on and off campus, online and through mobile devices, reaching students in all the places they live, study and play.

Download the free report to learn more about targeted advertising to college students, moving the Fall Rush needle and increasing marketing ROI.

Each year, we see statistics about how much time we as individuals waste by doing nothing. The average American spends over 30 hours a year stuck in traffic. And before you complain about your fellow drivers, you should know that the average American spends that many hours per week watching television. (Maybe putting a TV in cars isn’t such a bad idea after all.)

The point is that putting a cumulative dollar value to wasted time and delay is often eye-opening. CSPs know that time is money, but how much does our old friend, Delay, really cost in bottom-line revenue? With over 30 discrete processes needed to provision and activate a new customer, there are multiple points where an order can fail the first time–an occurrence known as “fallout”. Mistakes, omissions and manual processes contribute to fallout, creating delay that translates into dollars.

Do the Math

Just as we can put a dollar value on time wasted stuck in traffic or hours spent in front of the TV, you, as a CSP professional, need to know what fallout costs your business. Let’s consider a mid-sized provider who processes 75,000 orders a month with a fallout rate of 40 percent. This rate is not uncommon for CSPs whose order and provisioning workflow is not fully automated. Reducing fallout from 40 percent to 15 percent could result in savings of over $4 million a year – that’s from saving $2 million in order handling costs and earning $2 million more from customers whose orders were not delayed.

Automated order management system can’t make an imperfect system perfect, but it can help CSPs get closer. And no one would argue that having a new customer successfully using their new phone in minutes, rather than days or weeks, is great way to start and maintain a relationship.

Calculate Your Cost of Doing Nothing

Now that you know NOT addressing fallout head on is probably costing your business time and money, what do you do? Get started!

1. Know your number. What’s your fallout rate? Not the rate from last year or five years ago, but what is it now? These things have a way of slowly creeping up on us. You may be surprised by the number of orders that need special handling and manual intervention.
2. Calculate your fallout cost. How much does each failed order cost you? How long does it take to activate and start billing for an order that has fallen out?
3. Commit to reduce fallout. You might be surprised with your options. The resolution could be to implement an automated system. It is also possible that the solution could be to focus on the information. For example, there could be a piece of information your trading partner now requires. It is also possible that an issue is caused by human errors that can easily be rectified with training.

It might seem easy to resolve your fallout with the three steps identified above, but chances are you will probably still need some help and guidance. My advice is to find a partner to help with this effort and who will give you options. Here are a few crucial items to be sure your partner has:

• Knowledge of telecommunications IT with a history and track record of solving CSP-specific ordering problems.
• Connections needed for any carrier type or network infrastructure (wireless, wireline, VoIP) or off-network database to fulfill and publish orders.
• Process automation abilities, not additional complication.

Neustar has been working with CSPs since 1996 and can help you get smart about your business. Our order management solutions simplify ordering and fulfillment so you reduce manual processing, increase order accuracy and shorten the time to earning revenue. After all, $4 million a year is nothing to ignore. Want to learn more? Click here.

Today, the options are countless. A call might traverse hundreds of networks built with differing technologies before it arrives at its final destination. Within a fraction of a second, the CSP needs to determine how to route the call to achieve the desired margins and provide all the services requested. What was simple is now infinitely complex.

Neustar can help.

Last month, we introduced our new Communications Analytics solution enabling CSPs to put their information assets to work. Part of this powerful solution is Margin Management, which allows CSPs to maximize revenues by harnessing the real-time information they are already collecting from their customers. Call routing policies that were based on static tables and manual policies can now be managed using the CSP’s information assets and real-time network assessments. CSPs can develop a detailed analysis of network traffic right down to the route, city code and/or switch level. Understanding customers’ needs from a detailed perspective gives CSPs the opportunity to not only reduce costs by delivering only the services needed, but also improve the overall customer experience.

Neustar Margin Management.

Neustar has worked with CSPs for over a decade to help them meet the evolving challenges brought forth by the growth in connected devices. The new Communications Analytics solution encompasses our experience and understanding on how CSPs can use the information they have to improve their financial results. Margin Management is no exception.

The Margin Management solution examines four dimensions of call routing decisions: cost, quality, capacity and revenue based on real-time information. Using highly accurate and detailed network traffic analysis, CSPs can see their margins on their desktops, helping them make smart, data-based decisions and decreasing the need to spend resources on servers or data warehouse appliances. The solution is also able to bring together data from many sources and present it in actionable dashboards and reports. These analytics identify interconnection agreements and routing policies that can maximize profits and network performance. The CSP is also able to identify and shut down toll abuse quickly.

What can CSPs gain from Margin Management?

In call routing, every second counts. A fraction of cent might not seem critical, but when it is applied to millions of minutes of use,it becomes very material. The Neustar Margin Management solution provides visibility into key performance areas such as:

• Network Utilization – By Minutes of Use (MOU), Capacity and Utilization with drill down capabilities,
  • MOU and Cost Variance:Trends, Historical averages
  • Commitment analysis: MOU vs. Commitment levels
  • Actual vs. Plan: Actual MOU and Cost vs. Plan MOU and Cost
  • Quality of Service Trend: MOU and Access Service Request
• Decrease costs with faster routing changes utilizing accurate and timely information
• Leverage efficient and effective Service Level Agreement Management
• Reduce operational inefficiencies in routing, pricing and cost
• Eliminate losses because of manual route updates or network planning constraints
• Rapidly respond to changing market conditions

All this visibility adds up to real savings. CSPs using the Margin Management solution recognized between 10 and 15 percent margin improvement within 90 days. For interconnection costs, CSPs can achieve payback in as little three months.

Next Steps

When it comes to today’s telecommunication’s environment, very little is simple. Competition is fierce, network usage is continuing to sky rocket and margins are thin. In many cases, information remains an untapped asset for CSPs. Neustar recognizes this dynamic and is beginning to address it with the new Communications Analytics solution. The Margin Management component takes this a step further, enabling an approach that addresses supplier performance, traffic differences, and changing rate plans. With one click, CSPs can begin to once again simplify margin management.  Click here to start the journey.

After serving as a consultant for multiple organizations, I have encountered many companies that allow all internal devices to send outbound DNS queries to external DNS servers – a practice that can lead to myriad problems, including cache poisoning and misdirection to rogue IP addresses. For companies that want to enable internal devices to send these types of queries, having the ability to manually or automatically blacklist domains is a very effective way to add a layer of security to a broader security architecture.

What is DNS?

All types of applications, good and bad, use DNS to resolve a Fully Qualified Domain Name (FQDN) to an IP address, such as www.acme.com to 192.0.2.52. DNS allows for changes to be made to the IP address that is returned to the end user — these changes enable legitimate administrators to move traffic between data centers and/or cloud-based services based on load, maintenance, etc. That said, DNS also provides this ability to criminals who operate botnets and viruses; moving traffic as their activities are detected and shut down. Even if the server and/or IP address is shut down, these criminals can simply change the IP address for an FQDN and continue their malicious activity.

DNS & Blacklisting

Companies of all sizes are susceptible to DNS attacks. Depending on the type of external recursive DNS server that is running, there are a number of ways to tighten your outbound DNS recursive service, from manual domain blocking to fully automated updates as threats appear.

I recently worked with a company that was infected by a virus that got ahead of the anti-virus software for a short period of time. The security team knew that approximately 100-150 domains were actively being resolved to aid in the spread of the virus and payload. We resolved the issue by manually blacklisting the affected domains.

Infoblox has created a very compelling solution that allows users to update their blacklist as threats emerge. While we were able to successfully help mitigate the threat with manual updates, the Infoblox solution would have enabled us to be even more proactive.

If your company is small and runs a DNS server in house, using something tried and true, such as BIND can benefit you from this type of added security. Depending on where you prefer to source your list of blacklisted domains, these can be loaded to the external recursive server – causing a DNS firewall effect. The server will need to be updated regularly, removing domains that no longer need to be blacklisted and adding new domains on an as-needed basis.

Ensuring that the DNS firewall architecture is as effective as possible will require reviewing your firewall rules.  For example, I recommend restricting outbound port 53, Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) ,to allow only recursive server IP addresses access to the Internet on port 53 UDP/TCP. This rule would need to allow access to ANY IP address on the Internet, as these servers will have to walk the DNS tree and resolve DNS from servers worldwide.

By building these firewall rules, you can add depth to any layered security model.

Our Results, Overview:

• The continuing trend among e-retailers to increase their average page size negatively affected their overall performance.  For example, Easter e-retailers showed average page sizes of 1.14 megabytes. Page sizes during Mother’s Day rose to 1.3 megabytes. Not surprisingly, the average page load time increased as well.
• On mobile devices we found that despite tighter bandwidth constraints, e-retailers’ mobile sites were, on average, twice as fast as their desktop equivalents. Perhaps because of the reduced complexity of mobile websites, we also saw better uptime levels from our mobile monitors. For example, Teleflora received an outstanding achievement on the mobile platform, serving a home page of just 13 objects and a total of 48 kilobytes for much of our sample period.
• For our mobile monitors the YSlow score was a stronger predictor of a site’s load time. The number of objects loaded was also a significant predictor of load time on the mobile browser, but less so for the desktop.

For details on the web performance of each vertical tested, read on.

About the Website Monitors

To measure the home-page performance of major e-retailer sites, Neustar set up real-browser monitors on each. Our monitors ran every five minutes from San Francisco, Portland and Washington, DC, throttled to replicate typical bandwidths of home users with 6500 kilobits per second and 50 milliseconds latency on connections. Additionally, we monitored the sites with our

Chocolatiers as a group recorded an impressive 99.983% uptime. Of the 6 websites, 3 of them had mobile sites with substantially smaller sizes. Between Fannie May, Ghirardelli and Gourmet Gift Baskets, the total page size on the desktop was 3.22 megabytes, while on the iPhone total pages sizes were 1.04 megabytes, a 68% size reduction. Shari’s Berries, on the other hand, provided no mobile site. Their website, at 1.69 megabytes was the largest of all those sampled with our emulated mobile monitors.

Web Performance: Greetings Cards

Egreetings started the week with lots of timeouts on its website. As always, this is only a warning rather than a verified problem. In this case, there appears to have been a lot of objects being pre-loaded in the home page, which do not adversely affect the user experience and have the potential to significantly improve the user experience for loading subsequent pages on the site. That said, when they removed a 420K flash file from their home page, in the early hours of May 9^th, their website load times dropped noticeably and our monitors stopped timing out.

Hallmark had the largest page size we recorded, again caused in part by pre-loading files, though this website contained a large number of images (over 60) ranging in size from 10 to 40 kilobytes, which in aggregate resulted in a noticeably slow user experience. The large number of timeouts skewed the average. Although most of the load times fell in the range 5 to 8 seconds, the average load time was 10.37 seconds.

Looking at the aggregate information for Hallmark, we can see that of the 2.5 megabytes of content, the page downloads 1.8 megabytes of images. Surprisingly this takes “only” a third of the total download time. The majority of their page load time is caused by the 300 kilobytes of javascript and 330 kilobytes of CSS. For all three categories of files, these are amongst the largest of all web sites that we sampled.

Web Performance: Fine Jewelry

While fine jewelry sites all performed reliably over the week, there were large variances. For example, the page load time for Gordon’s Jewelers was 3.19 seconds compared with 13.79 seconds for Jomashop. The time difference was largely explained by the page size difference, with Gordon’s Jewelers total page size just over a half a megabyte and Jomashop’s well over 2 megabytes. Additionally, Jomashop required 222 page requests to load the page, the largest of any page we sampled. On the mobile side, Jomashop provided a slimmed down but still very heavy mobile experience of 1.19 megabytes.

Web Performance: Flowers

Teleflora had problems. The median sample was about 6 seconds, but a substantial proportion were taking much longer, or were failing. We saw typical hour-by-hour sample time spreads much like this one.

Most samples were clustering around a ten second load time, but with a significant number taking much longer and outliers up to 60 seconds.

All the florist’s sites had small mobile sizes. FTD, with a much smaller than average page size of just 0.44 megabytes, was the largest of the florist’s mobile websites. And Teleflora at 48 kilobytes had the smallest of all sites we sampled. This is an outstanding achievement—providing an elegant functional website with such a small size.

Web Performance: Specialty e-Retailers

Harry & David’s mobile web site showed a significant improvement on May 8^th with a site upgrade which substantially reduced their web site’s size, halved the number of objects loaded and took their average load time down from 9 seconds to just over 5 seconds.

Red Envelope suffered numerous timeouts, apparently caused by large regional variances. Our West Coast monitors in Portland and San Francisco showed consistent performances in the 8-10 second range, while samples from Washington DC on the East Coast were timing out.

Web Performance: Retailers

The sites of the retailers that we sampled performed well with excellent uptime, and all but Saks maintained a below average load time. Retail mobile sites also performed well. The most interesting was Barneys New York, which had the largest website on the desktop browsers and the smallest one on mobile.

Summary

This Mother’s day we saw:

• Better overall consistency in website performance
• Slightly higher YSlow scores
• But continuing increase in page-size  which tends to slow sites down

Stayed tuned. Next up: Father’s Day major e-Retailers and a review of their web performance.

We typically spend so much time on other aspects of security, such as protecting our online presences against Distributed Denial of Service (DDoS) attacks, managing firewalls, protecting against viruses and enabling user-access, that we often forget about the physical office security.

We are all to blame.

In a bid to be polite we may have held the door open for someone who was coming in behind us, whether we knew the person or not. Maybe you brought your child, spouse or a vendor into the Data Center for a quick tour without signing in. Perhaps, you propped a door open while stepping out because you forgot your badge at home.

Physical Office Security Policies are a Must

Every company, not just the Fortune 100 companies, must have policies in place to secure their office and data. Each company’s office security needs are different along with their budgets. Develop a plan based on your needs and your budget, weighing the potential cost of lost data or hardware to the cost of securing them. Hire a third party to review your plan and offer insight. The trusted third party can even provide a logical security audit to test how difficult it is to gain access to your office – using social engineering to test your policies and readiness.

Below are a few items to think about when developing your physical office security policy:

• All sensitive areas should require badge access and the lobby should have a manned reception or security desk, if possible.
• All employees should have a visible badge with a photo. Visitors should be escorted at all times and be provided a visitor’s badge. Time-based badges, which fade over a period of time to indicate expiration, are another option for visitors. Regardless, employees should be aware of their surroundings – offering assistance or questioning anyone without a badge or a visitor without an escort.
• Laptops and tablets should be secured, whether left behind at a desk or in a conference room. Any device that is left on a desk should have the screen locked and protected with a password.
• Hard-walled offices should be locked and desks should be clear of any sensitive data.
• Passwords should not be written on post-it notes For password tips, see on Strong Passwords by Josh Wilson.

In Summary

Office Security is everyone’s job. Physical security should be a company-wide initiative – not just boring, unread documents located on rarely visited security page on your Intranet. No matter if your budget is small or astronomical, or if your company consists of 100 or 1,000 people, make sure your employees know and practice these policies every day.

If you’re shopping for a solution to help you reach these goals, here are four reasons IP geolocation should be at the top of your list. Gleaning high-value business intelligence from IP addresses, geolocation technology delivers BIG where the alternatives fall short.

Personalize web content with or without cookies

With IP geolocation, you can tailor your storefront based on the visitor’s country, region or city, and other factors like time of day, current weather or venue (airports, hotels, etc.). While cookies do allow you to customize content, they can present problems. First-party cookies, for example, require you to collect information on the first visit – and asking for information right off the bat can turn off potential buyers. Third-party cookies, meanwhile, collect geolocation and other valuable data, but they are getting a bad reputation due to privacy concerns. Because of concerns related to cookies and privacy, many people use browser tools to block cookies aimed and preventing outside organizations from gaining personal and behavioral data. IP geolocation allows you to customize content for privacy-sensitive users.

Content Localization based on browser settings

Examining the user preferences in the browser can give you basic localization information such as language and time zone.  Knowing the time of day visitors are reaching you online, and presenting your content in their preferred language, will ensure a basic level of engagement. Using browser settings is easy, but it does not provide the full impact of localized content that considers regional aspects of language and geography. Improve your message even further by considering variations in dialect and slang.  Adjust your focus by knowing whether they are within a coastal, mountain or metropolitan community.  IP geolocation provides the capability for more granular, targeted website localization.

Locate visitors without the opt-in hassles of GPS apps

In the mobile space, GPS-enabled applications can find the precise location of smartphone users in relation to nearby businesses. Sounds good, especially if you’re marketing a local restaurant or store.  But here’s the rub: these location services are usually opt-in. Users must first decide to let you find them. Again, privacy-minded consumers often say, “no thanks,” greatly shrinking your target audience and deflating your campaign. IP geolocation offers a privacy friendly alternative to GPS.

One IP Geo solution that works across all media and environments

Every device that connects to the Internet gets an IP address.  Given an IP address, Neustar IP Intelligence can locate the user, many times all the way down to the postal code, without additional software or user intervention, and while respecting user privacy preferences.  For more than 10 years we have maintained a database of all routable IP addresses throughout the world. Using IP geolocation, you can manage your customer experience using one technique that works across all user media and environments.

Remember: you only get one first impression. It’s important to make the most of it instead of risking the loss of a business opportunity.

IP geolocation, it’s the smart way to customize content and show you know your audience. Want more details? Learn more here.

Yesterday I walked into SEED School DC a – a public charter school in Southeast Washington D.C. – and I was immediately reminded of the tremendous difference terrific teachers and a positive school environment can have on students. This point became abundantly clear as dozens of kids entered the auditorium to celebrate the completion of the online digital literacy program that Neustar and EverFi are offering to schools around the country.

To make our digital literacy program a success, you not only need a first-rate program but also educators passionate in their desire to help students learn and students eager to take on new challenges. The SEED School DC has it all.

The evening was highlighted by the remarks of recently designated Federal Communications Commission (FCC) Chairwoman Mignon Clyburn who, as a long time champion of broadband adoption and digital literacy programs, inspired the kids to reach for the stars and reminded them that the business and educational tools available on the web create tremendous opportunities for those with the skills to navigate it well. And that utilizing the Internet in a responsible way is one of the most important skills to learn.

I am always struck by what the kids say they learn from the course. One student said how excited she was to learn how to develop a web page. Another student noted that he learned about the problems with cyber bullying and that he hoped to use that knowledge to prevent others from doing it. These are the leaders of tomorrow and they give me tremendous hope for the future.

Kudos to all of the students at the SEED School DC who completed the digital literacy program and to the teachers and school administrators who have created an environment for learning and achievement that is clearly working.

Everyone has, at one point or another, been asked to create a password only to be told that the password is not strong enough or “the password does not meet complexity requirements”. The continued advancement of technology has enabled computers to crunch numbers faster and faster, in turn, making it easier for hackers to identify passwords at a faster and faster pace, creating security risks.

Password Guessing and Cracking- How the Hackers Get In

There are two main ways hackers arrive at the right password: “guessing” and “cracking”. Password guessing is more than just stringing some characters together. A hacker will attempt password guessing by randomly generating passwords based on character types and length or by creating a password list.

Password lists are normally created from both personal and business information gleaned from multiple Internet locations, including social networking sites and a technique called “dumpster diving”. Dumpster diving involves going through your trash — sometimes literally “diving” into physical dumpsters.

There are also many different password guessing applications available on the Internet for hackers to use, or they can create their own depending on their skill level. Once a hacker has the desired application and password list, the guessing begins. This is typically done at a slow, methodical pace to avoid possible password lockout protections.

Password cracking involves comparing the password hashes to hashes of known strings. The quickest way to crack a password is with a pre-generated list of hashes or rainbow tables . Rainbow tables are more than just simply a list of hashes –they are a complex way to store hashes in a chain that can be used to match many hashes without having to have each and every hash listed out. A good rainbow table can be upwards of a terabyte in size and can take weeks or more to generate.

Hackers can also crack passwords by generating and comparing passwords until the hash is matched. With most password cracking applications, you can pre-define a list of characters to work on or use a password list, such as in the list mentioned before. However, with password cracking it is that the target’s password hash has to be obtained first.

Tips on Creating a Strong Password

Creating a strong password can be a challenging task. Some tips are below, however it is important to note that passwords should be changed regularly to ensure the utmost security.Windows systems by default don’t use a salt when encrypting passwords – making passwords on a windows system easier by orders of magnitude to crack. It is important, therefore, to consider the system that the password will be used on.

• Use 14 or More Characters: Because longer is better, use 14 or more characters for your password. Some older Windows systems will not use more than 14 characters even when you try to input more. In the corporate world, most network administrators set a minimum and maximum character count for passwords, so be sure to ask. Most open source operating systems, and now even a lot of websites, on the other hand, are using salts in their password encryption methods to help make your passwords more difficult to crack.
• Use Numbers and Letters: When creating a password, use at least two of each: uppercase, lowercase, numbers and special characters. To make the passwords easier to remember don’t write them down, but try basing the password on a phrase that would be memorable to you, but isn’t common or can be easily guessed.
• Use a Password Manager Program: You can also create and remember strong passwords by using a secure password manager, making it so you don’t have to remember those complex passwords. Just keep in mind that if someone can crack the password manager they will have all your passwords.

In Summary

In this day and age – with so much personal and corporate information readily available online for hackers to use– it is critical that everyone be able to create strong passwords that are also easy enough to remember that they don’t have to be written down. As technology advances, we must also become more sophisticated in how we protect ourselves and our data. The security of your data is in your hands.

First Generation DNS

Here’s a little bit of history. The term “Domain Name System” refers to two things.  First, the term refers to the protocol used today to convert, for the most part, human-readable labels (such as computer hostnames) into numeric addresses.  The second is the world-wide activity to build a service using that protocol to enable communications.

In this first post, we will set the stage by looking at the definition of the protocol and cover its early history.

After some early attempts to make it easier to reach hosts across the Internet, a collection of engineers created a description of the Domain Name System. This work was done within the Internet Engineering Task Force (IETF) and with documents published in a Request For Comment (RFC) series .

Two documents within that RFC series — RFC 1034 and RFC 1035 — are considered by most to be the start of the DNS definition. These documents describe a fully functional protocol and include some early data types to be carried.  At the time, Internet mail was also being defined and there were attempts to let mail make great use of DNS.  Although other attempts followed to add application-specific features in DNS, none stuck because, in retrospect, it wasn’t a very good idea to hook other applications too deeply into DNS.

About 10 years passed before the first major update to the DNS protocol was published.  What was the update?  An addition of a more dynamic way to keep servers up to date by use of mechanisms called NOTIFY and Incremental Zone Transfer (IXFR).

In the first generation of DNS, the best way to provide for “continuity” was to have multiple servers answering multiple queries.  One server was called a master, while the the rest were slave servers.  Each of the slaves had instructions to check with the master periodically to determine whether the data had changed.

The Second Generation

NOTIFY was the first “game changer.”  Instead of a master having to wait until a slave came to check, the master could send a NOTIFY message to the slaves, prompting them to acquire the new data.  IXFR, meanwhile, made a marked change in the way data was communicated.  If just one record out of hundreds had changed, the original specification would send hundreds of messages.  IXFR changed the sytem, enabling only the changes to be sent.

The Third Generation

The next turning point in the evolution of the DNS came when dynamic updates were defined in RFC 2136.  In the first generation, to change even just one record an administrator would have to go to the master server, edit a file, and then get the master to reload the file (before waiting for slaves to update).

However, dynamic updates enabled an administrator to edit the live zone, even from across the network.  Administrators no longer needed to log into the master.  This might not sound like a huge win, but the greater impact was this: dynamic updates reused the original message format for another purpose.  Moreover, succeeding efforts to update the DNS were not afraid to redefine fields in the protocol, such as the Extension Mechanisms for DDS (EDNS) in RFC 2671, which defined extensions that added further modernization.

After the addition of NOTIFY, IXFR, and dynamic updates, the evolution of the DNS protocol began to unravel. Code was added here and there, but no one gave the protocol a good review for “structural integrity.”  This period came to be documented in RFC 2181 and RFC 2308.  RFC 2181 was simply titled “Clarifications to the DNS Specification” and dealt with some overlooked data issues.  RFC 2308 covered answers that said “no” and helped document terminology still used today.

After the “reforms” of RFC 2308 and RFC 2181 were finalized, DNS security became the next top focus of DNS modifications, and would remain so for many years to come.

Stay tuned for the next installment, when we’ll cover the vulnerabilities associated with DNS.