D-Link Systems said Wednesday that it is now incorporating DNS Security Extensions (DNSSEC) into its home networking routers to help consumers defend against the rising assault of worms, viruses, hacking and other malicious Web attacks. Previously the company improved router security by adding Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) to models DIR-615, DIR-625, DIR-628, DIR-655, DIR-825, DIR-855, DIR-685, and DGL-4500.
"Unlike other brands, the majority of currently shipping D-Link routers are more difficult to be compromised due to our advanced set of security features," said A.J. Wang, chief technology officer, D-Link. "We're excited to be the first in the market to announce we have taken the initiative to implement both CAPTCHA and DNSSEC into our routers, thus providing yet another layer of security, and we'll continue to provide our users with the latest in advanced security technologies."
DNSSEC was revealed last month by the Internet Corporation for Assigned Names and Numbers (ICANN) during Black Hat 2010. The system was designed to beef up Internet security by virtually stamping email and web pages so that its authenticity can be verified. This will ultimately prevent "spoofer" attacks designed to use legitimate-looking emails and web sites to lure consumers to malware.
As for CAPTCHA, D-Link integrated the technology in mid-2009. It's a challenge-response test that verifies that a response during a user logon is actually a human and not computer-generated. Users confirm their organic origins by entering a small amount of text displayed in an image to help prevent automated registration and fraud.
"By incorporating both DNSSEC and CAPTCHA initiatives, D-Link routers now facilitate strong security thus protecting Internet users against man-in-the-middle, cache poisoning and other cyber attacks to ward off web hacking and phishing," D-Link said.
The company also added that it will be migrating to IPv6 certification. In addition to the new realm of IP addresses, IPv6 brings "certain security measures" including IPSec, a method of authenticating and encrypting data transferred between pairs of hosts that wasn't part of the specs for IPv4.
DNSSEC, CAPTCHA and IPv6 features are currently available on most currently shipping D-Link's routers, however more will be updated.
Competition is a good thing...
I don't know where to start on the errors here, so I won't. If you are actually interested in what DNSSEC is and how it works, check out www.dnssec-deployment.org
Anyway, I'll be very interested in what D-Link is actually doing with DNSSEC. If they are doing validation in their end-point devices, it's going to force some providers to really work on their infrastructure to make any of this sales hype actually do any good for the consumer.
Doing a search for "DNSSEC" on D-Link's web site provides a single page (this press release).
So you'll probably need to download the firmware like I did.