Skip Navigation

Monday November 23rd, 2009 » Fall Quarter, Week 9

 
NACS >Security> DNS Security

Domain Name System (DNS) Security Change

Summary: As of October 17, 2006, you will no longer be able to use UCI's Domain Name System (DNS) off campus.

Related Information

What is DNS?

DNS stands for Domain Name System. DNS servers are a critical part of the campus network infrastructure and the Internet at large. These servers contain information pertaining to every host on the Internet, and are the mechanism that allows information on the Internet to be available when you enter a URL in your Web browser.

To enhance the security of the campus DNS, we are disabling one capability the DNS has--recursive DNS. An example of recursive DNS is when someone who subscribes to an ISP (e.g. Comcast) configures their computer to use the UC Irvine DNS rather than their ISP DNS to access the Internet.

Why is UCI enhancing DNS security now?

Enhancing DNS security has been under consideration for quite some time due to the potential for security attacks, but no imminent risks were known. Recently, two critical security risks were identified. Several other UC campuses have already have made similar changes to their DNS and many other universities are planning to do so in the coming months.

Will I have to make a change?

Step 1: Determine if your IP Address is a UC Irvine address.

  1. If your IP address begins with either 128.200, 128.195, 169.234 or 160.87, do nothing. You are on the UCI network and no changes are needed.

    2. Your current IP address is: 38.107.191.104

  2. If your IP address begins with anything else, continue to Step 2.

    3. You are not on the UCI network, please continue to Step 2.

Step 2: Check Your DNS Settings

Home Router/Firewall (Linksys, D-Link, etc.)

If you are using a home router/firewall (Linksys, D-Link, etc), and you have changed the router so that the UCI DNS servers are listed, they should be removed and the fields left blank so that your ISP's DNS servers will become the default DNS servers for your network. Please consult the manual for your router if you need to make this change.

Based on your computer's operating system, please follow the directions below to determine if you are using UCI's DNS settings.

Windows XP

  1. From the Start Menu select Settings, then Control Panel
  2. Click on "Network Connections"
  3. Right-click on your network connection and select Properties
  4. Double-click on "Internet Protocol (TCP/IP)"
  5. If you see 128.200.1.201 and/or 128.200.192.202 in the DNS server address fields, you will need to change your settings. In most cases, the "Obtain DNS server address automatically" option is the correct setting. Check with your Internet Service Provider to be sure.

Mac OS X

  1. From the Apple menu, select System Preferences
  2. Click the Network button
  3. From the Show menu select your network interface (Built-in Ethernet or Airport, for example)
  4. Click the TCP/IP button
  5. If you see 128.200.1.201 and/or 128.200.192.202 in the "DNS Servers" field, you will need to change your settings. In most cases, leaving this box blank is the correct setting. Check with your Internet Service Provider to be sure.

Windows 2000

  1. From the Start Menu select Settings, then Control Panel
  2. Double-click on "Network and Dial-up Connections"
  3. Right-click on your network connection and select Properties
  4. Double-click on "Internet Protocol (TCP/IP)"
  5. If you see 128.200.1.201 and/or 128.200.192.202 in the DNS server address fields, you will need to change your settings. In most cases, the "Obtain DNS server address automatically" option is the correct setting. Check with your Internet Service Provider to be sure.

If you have any questions or questions or concerns, please contact the NACS Response Center at (949) 824-2222 or nacs@uci.edu.

We gratefully acknowledge the University of California, Davis for the permission to borrow from their documentation.