| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
BIND
|
|
Security Issues with DNS This document first reviews some basics about how DNS works, then goes into explaining the different ways a hacker can attack the DNS protocol implementation to use it to his own advantage. We will focus on the relationship between all the terms we hear, which are usually misemployed. We will then review the different possible server attacks and finish by explaining some of the ways that should be used to protect against these issues.
By Florent Carli, 03/23/2004
|
|
Installation of a Red Hat 9.0 server with DNS This paper seeks to provide an edited account of the work done by the author to create a minimal-install, primary DNS server based on a Linux platform. The document includes some discussion as to why certain decisions were made and the reasons for the method used to build the system. There is a preliminary summary of this document, which outlines the rest of the documents content. Each section, that details the instructions for building the system, has information and discussion about the actions and decisions taken that are relevant to that section. However, the document is also designed to be a set of build instructions that can be followed to create a simple DNS server with security as a focus.
By Mark E. Chandler, 03/23/2004
|
|
The Evolving Threats to the Availability and Security of the Domain Name Service (DNS) The objective of this paper provide a concise overview of the role of the Domain Name Server (DNS) system among the essential components that comprise the Internet and the World Wide Web as we know it today. As well as examine the security related aspects of its operation and some of the key exploits that have been mounted in the last several years against the system and the services that it provides.
By John Holmblad, 03/23/2004
|
|
Predictability of Windows DNS resolver The main DNS security issues have very often focused on server side problems and vulnerabilities. This paper focuses on Windows client DNS service, also called DNS resolver. This paper explains how it is often possible to predict the "Transaction ID" and the "UDP port number" used by Windows' DNS Resolver. With this information it will be shown how it is possible, under certain conditions, to win the race against the regular DNS server and hijack, for example, a TCP/IP session. Even if this problem has been reported to Microsoft's security experts and we both agreed that there is no immediate threat or security vulnerability, it may be used to attack Windows LAN and WAN clients for example at startup. In WLAN too, which shares the medium and then is subjected to the well-known DNS attacks based on sniffing, this predictability increases the chances of being effectively attacked.
By Roberto Larcher, 03/23/2004
|
|
Page: 1 2 |
