“It’s funny to see the Internet sneaking up on businesses and
becoming a critical component, without many people seeming to
realize it. Many businesses now rely heavily on email as a
messaging system, and use Web servers to distribute corporate data
and allow access to a variety of services.”
“All these services rely on DNS. DNS is the directory to the
Internet; it maps names such as www.securityportal.com to IP
addresses such as 209.67.74.22. To see a Fortune 100 company such
as Microsoft suffer a multi-day outage because its DNS
infrastructure was not up to the task is disturbing indeed.”
“In the past we’ve run several articles on DNS security, and by
and large most organizations have begun to pay attention to these
issues and address them. However, a significant part of security is
availability. While preventing an attacker from accessing sensitive
data is definitely a security goal, allowing an attacker to deny
access to that resource, for everybody, can be a significant
problem.”
“Even if your Web servers are in tip-top shape, the firewalls
are doing their job, and your backend application servers and
databases are in perfect order, none of this matters if an attacker
manages to take out your DNS servers. Without DNS servers no one on
the Internet will be able to find your servers. Would you be able
to remember 199.81.203.50, 153.2.228.50 or 56.0.78.101? Of course
not, but you can remember fedex.com, ups.com and usps.com.”
“Worse yet, without your DNS servers internal services may not
work properly, email deliveries can fail, and access to servers
will time out as DNS queries fail.”