Security Portal: Foiling DNS AttacksNov 13, 2000, 08:23 (0 Talkback[s])
(Other stories by Jay Beale)
"Most of us take DNS servers for granted. Here, in a continuing series on attacking and defending your own machines, I discuss how people attack DNS servers and what you can do to better your security. I answer these questions:
How do crackers exploit your DNS servers?
How can you harden your DNS servers via configuration?
How can you really make it a pain to hack your DNS servers?"
"I'll discuss this in attack/defense manner, the same way I did in Anyone With a Screwdriver Can Break In! The "defense" will be implemented on a BIND 8 DNS server, but the concepts apply to all DNS servers. This article should be useful to managers and admins alike, though the former will find the attacks and general concepts more interesting than the technical specifics of defense. So, here we go...."