D-Link enhanced its router security to a higher level of protection by incorporating both CAPTCHA and DNSSEC to guard against hacking, worms, viruses and other malicious Web attacks.
DNSSEC is a suite of Internet Engineering Task Force (IETF) specifications that adds security to the DNS to provide assurance that the information received from a Domain Name Server is authentic. The security extensions are designed to protect the DNS from man-in-the-middle and cache poisoning attacks, which can occur when hackers corrupt DNS data stored on recursive name servers to redirect queries to malicious sites.
DNSSEC applies digital signatures to DNS data to authenticate the data’s origin and verify its integrity as it moves across the Internet and can provide users with effective verification that their applications, such as Web or email, are using the correct addresses for servers they want to reach.
CAPTCHA is a challenge-response test that ensures that a response during a user logon is not computer-generated but instead is truly entered by a human hand, by requiring a user to manually enter a small amount of text displayed in an image to help prevent automated registration and fraud.
To further consider security while future-proofing its routers, D-Link is migrating to IPv6 certification. With the growing number of Internet-capable devices on the market the pool of IPv4 address has dropped to six percent and is expected to run out sometime in 2011. While this is a major motivation for IPv6, other improvements are also realized.
The IPv6 specification now specifies certain security measures that were not defined in IPv4, such as IPSec. IPSec is a method of authenticating and encrypting data transferred between pairs of hosts. Although it was possible to implement IPSec with IPv4, it was not part of the specification. IPSec is now a requirement, not an option, in the IPv6 specification.