The Ministry of Industry and Information Technology issued the "Circular on Strengthening the Security Protection of the Internet Domain Name System"

The Ministry of Industry and Information Technology issued the "Circular on Strengthening the Security Protection of the Internet Domain Name System"

Notice on Strengthening the Security Protection of the Internet Domain Name System Ministry of Industry and Information Technology [2010] No. 53

Communications Administrations of provinces, autonomous regions, and municipalities directly under the Central Government, China Telecom Corporation, China Mobile Communications Corporation, China United Network Communications Group Co., Ltd., National Computer Network Emergency Technology Processing Coordination Center, Ministry of Telecommunications Research Institute, China Software Testing Center, China Internet Information center, domain name registration and management center of government affairs and public interest organization, and various Internet domain name registration service organizations:

The domain name system is an important part of the Internet. Safeguarding the security of the domain name system is of great significance to safeguarding Internet security and promoting the healthy development of the Internet. At present, the security threats and risks faced by the domain name system are increasing and security incidents are increasing. Effective and effective measures must be taken to strengthen the security protection of the domain name system. The relevant job requirements are hereby notified as follows:

First, raise awareness and highlight key points. All organizations must fully understand the new situation, new issues and new threats faced by the domain name system at all levels, and earnestly enhance the sense of responsibility and urgency to ensure the security of the domain name system. For external network attacks, threats such as domain name hijacking and other outstanding issues such as weak security protection and emergency management, we must further strengthen security protection and emergency work of the domain name system, establish and improve domain name security technology means, promote domain name security standardization and independent innovation, and strengthen domain name security. Supervision and inspection of work to ensure that the key domain name resolution is normal and that important domain name systems are safe and reliable.

Second, strengthen security protection and emergency work of the domain name system. The operating companies of domain name systems, such as basic telecom operators, domain name registration authorities, and domain name registration service providers, shall strengthen the authority, recursive domain name resolution system, and domain name for the operation and management of their own units and their services in accordance with the principle of “who is responsible for who is running and who is responsible”. The security protection and emergency work of the registration system ensure the safe and stable operation of the domain name system to which the entity belongs and ensure the security of domain name registration information. First, establish and improve the operation and maintenance and security management system of the domain name system, implement the responsibility system, constantly optimize the structure of the domain name system, strengthen redundancy backup, and improve the ability of domain name resolution. Second, in accordance with the unified deployment of the Ministry of Industry and Information Technology, the unit’s domain name system is graded and filed, security measures are implemented in accordance with relevant standards, and the company’s domain name system is regularly tested, evaluated, rectified, and accepted by the communications management agency. an examination. The third is to construct a means of domain name security monitoring, and dynamically monitor key indicators such as the number of resolution requests, resolution success rate, parsing speed, and server load of the domain name system of the organization, and timely filter abnormal and invalid domain name requests to improve network attacks and information tampering. And early warning and monitoring capabilities for domain name hijacking and other security incidents. Fourth, in accordance with the relevant provisions, we will do a good job in the retention of relevant logs, strengthen the security audit of our own domain name system, and improve the traceability of security incidents. Fifth, according to the Ministry of Industry and Information Technology's "Public Internet Cyber ​​Security Emergency Plan," formulate and improve the unit's domain name system safety special emergency plan, do a good job of domain name security incident information reporting, organize emergency drills. The basic telecom operators must assist the domain name registration authority in ensuring the security of national top-level domain name system nodes. Domain name registration authorities and domain name registration service providers should step up publicity to guide domain name registration users to enhance domain name security awareness and scientifically select domain name resolution services.

Third, establish and improve the public domain security technology platform. The National Computer Network Emergency Response Technology Processing Coordination Center (hereinafter referred to as CNCERT) and domain name registration authority shall strengthen the construction of a public domain name security technology platform to realize the timely and accurate monitoring of the operation status of major domain name systems and the analysis of key domain names, and establish and improve the government websites. The security protection mechanism for the domain name security of key news websites and important information systems; research and development of specific emergency plans for the root domain name mirror server and implementation of relevant technical safeguard measures. Basic telecom operators, domain name registration authorities, and domain name registration service providers must support the establishment and operation of CNCERT and domain name registration authority related platforms.

Fourth, promote the standardization of domain name security and independent innovation. Improve the standard system, speed up the formulation and release of a series of standards for security protection of the domain name system, strengthen the promotion of standards, and promote the implementation of standards. Actively research technologies such as domain name system security detection, assessment and monitoring, develop related tools, and increase the promotion and application. Accelerate the development of networked software behavioral norms and testing requirements, and explore the development of networked software evaluation through industry self-discipline. Strengthen independent innovation and actively promote the research, development and application of domain name resolution software with China's independent intellectual property rights. Track global DNSSEC deployment and application, and do related supporting work.

Fifth, strengthen the supervision and inspection of domain name security work. The Bureau of Communication and Security of the Ministry of Industry and Information Technology is responsible for guiding, coordinating, supervising and inspecting the safety and security of the domain name system in accordance with the spirit of this notice. The local telecommunications administrations should regard the safety of the domain name system as an important part of the safety management of telecommunication networks, guide and supervise the local basic telecommunications operators to implement the standards for security protection of the domain name system, construct the security monitoring means of the domain name system, formulate a special emergency plan for the domain name system, and implement the security of the domain name. Information work. Do a good job in emergency command coordination of domain name security incidents.

The basic telecom operating enterprise group company, domain name registration authority, and domain name registration service agency are required to report the implementation status and work plan of the domain name system security assurance of this organization to the Ministry of Industry and Information Technology (Communications and Protection Bureau) by February 28, 2010. The relevant work conditions and plans of the provincial telecommunication companies of provincial telecommunications companies should be reported to the local communications authority by February 28, 2010. For other units, please report to the Ministry of Industry and Information Technology (Communications Protection Bureau) in time.

Notice is hereby given.

Rechargeable Led Flashlight

Tingrui Electronics Technology Co., Ltd , http://www.jhflashlight.com

Posted on