Skip to Main Content
The Domain Name System (DNS) is a critical component of the Internet. It maps domain names to IP addresses and serves as a distributed database for various other applications, including mail, Web, and spam filtering. This paper examines DNS zones in the Internet for diversity, adoption rates of new technologies, and prevalence of configuration issues. To gather data, we sweep 60% of the Internet's domains in June-August 2007 for zone transfers. Of them, 6.6% allow us to transfer their complete information. Surprisingly, this includes a large fraction of the domains deploying DNS security extensions (DNSSEC). We find that DNS zones vary significantly in size and some span many autonomous systems. Also, while anti-spam technologies appear to be getting deployed, the adoption rates of DNSSEC and IPv6 continue to be low. Finally, we also find that carelessness in handing DNS records can lead to reduced availability of name servers, e-mail, and Web servers. This also undermines anti-spam efforts and the efforts to shut down phishing sites or to contain malware infections.