
Security Portal: DNS Security – closing the b(l)inds

“DNS is one of the basic services that makes the Internet work;
without it there would be no “sun.com” or “microsoft.com” or
“securityportal.com”. At one point the entire list of computers on
the Internet fit easily into a single file (usually /etc/hosts)
which was (and still is) a simple table of names and IP
addresses…”

“DNS provides a “phonebook” of hosts on your network, and like
any company phone directory, it is an invaluable resource for
someone planning an attack. Additionally, many companies now rely
on services (such as email or web-based commerce) that rely on DNS
servers to provide information to customers so that they can find
the servers. However, many DNS servers, and the information they
provide, are woefully unprotected. BIND 8.x provides several
facilities to control access to your DNS servers.

“The first step is to define ACLs (access control lists) in
your named.conf file, and then to use the “allow-query” and
“allow-transfer” directives to grant or revoke access to
information that the DNS server provides. DNS servers typically
provide two kinds of information, the most obvious being domains
that they host, such as example.com. This service is usually
critical, as without it internal machines can’t find each other,
and customers won’t be able to find your web site or email server.
These domains usually contain a complete list of every piece of
network-attached equipment in your infrastructure (such as
firewall-nt.example.com) that can give an attacker help when
planning an assault on your network…”
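The excerpt names the mechanism but does not show it. What follows is an added illustration, not text or configuration from the Security Portal article: a named.conf fragment in the BIND 8.x syntax the article refers to, defining ACLs and then applying “allow-query” and “allow-transfer” at the options level and per zone. The zone name example.com comes from the excerpt; the address ranges, secondary-server addresses, file names, ACL names and the second zone are assumptions made for the example.

```conf
// Added example, not from the article. Address ranges, secondary
// addresses, file paths, ACL names and the second zone are assumed.

// Named address lists that the allow-* directives refer to.
// "any", "none", "localhost" and "localnets" are built in.
acl "internal" {
    127.0.0.1;          // the name server itself
    192.168.0.0/16;     // assumed internal address range
};

acl "secondaries" {
    192.0.2.53;         // assumed addresses of our own secondary servers
    198.51.100.53;
};

options {
    directory "/var/named";

    // Defaults for every zone that does not override them:
    // only internal hosts may query, and nobody may pull a zone transfer.
    // Left unset, BIND 8.x answers both queries and transfers from any
    // address, which hands an attacker the complete host list.
    allow-query    { internal; };
    allow-transfer { none; };
};

// Public zone: customers must resolve the web and mail servers, so
// queries stay open, but a full copy of the zone (AXFR) goes only to
// our own secondaries; anyone else asking for the "phonebook" is refused.
zone "example.com" {
    type master;
    file "example.com.zone";
    allow-query    { any; };
    allow-transfer { secondaries; };
};

// Assumed zone holding internal infrastructure names. It sets no
// allow-* directives of its own, so it inherits the restrictive
// options defaults: internal clients only, no transfers at all.
zone "corp.example.com" {
    type master;
    file "corp.example.com.zone";
};
```

Per-zone directives override the options block, so the pattern is a restrictive default plus explicit openings only where customers need them. After reloading, check the result from an address outside the ACLs: a zone transfer request such as `dig @ns.example.com example.com axfr` should be refused, while an ordinary lookup of the public zone still succeeds.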
