Securing an Internet Name Server
by Allen Householder and Brian King CERT/CC in collaboration with Ken Silva from Verisign
Bookmark and Share
Domain name system (DNS) servers translate names suitable for use by people (such as www.example.com) into network addresses (e.g., 192.168.4.22) suitable for use by computers. There are a number of different name server software packages available today. Berkeley Internet Name Domain (BIND), produced by the Internet Software Consortium (http://www.isc.org), is the most widely deployed name server package, and is available on a wide variety of platforms. Other popular DNS packages include Microsoft DNS and djbdns.

The goal of this document is to discuss general name server security. However, in order to provide useful examples we have chosen to focus on BIND since it is the most commonly used software for DNS servers.

Download the paper in PDF format here.

Spotlight

OpenBSD team forks OpenSSL to create safer SSL/TLS library

Posted on 22 April 2014.  |  Members of the OpenBSD project have begun working on a free version of the SSL/TLS protocol. They are not starting from scratch, but have forked OpenSSL to create a new, more secure option which they have dubbed LibreSSL.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Apr 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //