The DirTeam.com/ActiveDir.org Weblogs now offer DNSSEC

Reading Time: 2 minutes

As the team behind the DirTeam.com / ActiveDir.org Weblogs, these days, we aim to give you, the people visiting our website, the most secure and compliant experience available.

To this purpose, we’ve already implemented IPv6. We’ve decided to introduce AAAA records in our DNS zones and configure our servers with IPv6 addresses.This was November 24, 2010 and well before World IPv6 Launch day, the day other websites choose to adopt this technology.

Accessing the the DirTeam.com / ActiveDir.org Weblogs using Secure Sockets Layer (SSL) was another checkbox we wanted to tick. We’ve introduced this feature in December 2010 with the help of  StartCom. Also, we’ve disabled SSL v2.0 earlier this year, due to its inherited weaknesses in and its attack surface that may be used by the SSL BEAST ("Browser Exploit Against SSL/TLS") attack, allowing man in the middle (MITM) attacks.

Last week, we’ve made some other changes to our DNS records, triggered by the move to a new domain registrar. We’ve introduced Domain Name System Security Extensions (DNSSEC). This way, we provide origin authentication of our DNS data, authenticated denial of existence and DNS data integrity.

Author: Sander Berkouwer

Sander Berkouwer is the author of the Active Directory Administration Cookbook, speaker and blogger at DirTeam.com and ServerCore.net. He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert. Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.