DNS Security

Defending the Domain Name System

1st Edition - June 10, 2016
Latest edition
Authors: Allan Liska, Geoffrey Stowe
Language: English

DNS Security: Defending the Domain Name System provides tactics on how to protect a Domain Name System (DNS) framework by exploring common DNS vulnerabilities, studying different… Read more

Early spring sale

Nurture your knowledge

Grow your expertise with up to 25% off trusted resources.

Shop now

Description

DNS Security: Defending the Domain Name System provides tactics on how to protect a Domain Name System (DNS) framework by exploring common DNS vulnerabilities, studying different attack vectors, and providing necessary information for securing DNS infrastructure. The book is a timely reference as DNS is an integral part of the Internet that is involved in almost every attack against a network. The book focuses entirely on the security aspects of DNS, covering common attacks against DNS servers and the protocol itself, as well as ways to use DNS to turn the tables on the attackers and stop an incident before it even starts.

Key features

Presents a multi-platform approach, covering Linux and Windows DNS security tips
Demonstrates how to implement DNS Security tools, including numerous screen shots and configuration examples
Provides a timely reference on DNS security, an integral part of the Internet
Includes information of interest to those working in DNS: Securing Microsoft DNS and BIND servers, understanding buffer overflows and cache poisoning, DDoS Attacks, pen-testing DNS infrastructure, DNS firewalls, Response Policy Zones, and DNS Outsourcing, amongst other topics

Readership

Information security professionals and consultants, network administrators, and other information systems managers, specialists, and analysts

Dedication
About the Authors
Acknowledgments
Chapter 1. Understanding DNS
- Abstract
- Introduction
- DNS History
- The Root
- Recursive and Authoritative Servers
- Zone Files
- Resource Records
- Conclusions
- Notes
Chapter 2. Issues in DNS security
- Abstract
- Introduction
- A Brief History of DNS Security Breaches
- Why is DNS Security Important?
- Common DNS Security Problems
- Developing a DNS Security Plan
- Notes
Chapter 3. DNS configuration errors
- Abstract
- Introduction
- DNS Server Vulnerabilities
- Fingerprinting DNS Servers
- Buffer Overflows, Race Conditions, and Execution with Unnecessary Privileges
- Human Errors
- Conclusions
Chapter 4. External DNS exploits
- Abstract
- Introduction
- Cache Poisoning
- DNS Spoofing
- DDoS Attacks Using DNS
- Using DNS as a Command and Control or Exfil Channel
- Conclusions
- Notes
Chapter 5. DNS reconnaissance
- Abstract
- Introduction
- WHOIS
- Mapping DNS Infrastructure
- DNS Fingerprinting
- Reverse DNS
- DNS Cache Snooping
- Passive DNS
- Collection of Query Data
- Conclusions
- Notes
Chapter 6. DNS network security
- Abstract
- Introduction
- Locating DNS Servers
- Public and Private DNS Infrastructure
- Logging and Monitoring DNS Traffic
- Flagging Bad Domains
- Passive DNS
- DNS Firewalls and RPZ
- Blacklists, Whitelists, and Other DNS Threat Intelligence
- Conclusions
- Notes
Chapter 7. BIND security
- Abstract
- Introduction
- Running BIND in a Chroot Jail
- Fingerprint Evasion Techniques
- Response Rate Limiting
- Queries and Transfers
- Response Policy Zones
- Logging
- Conclusions
- Notes
Chapter 8. Windows DNS security
- Abstract
- Introduction
- Securing Windows DNS Files
- Dynamic DNS Control
- Queries and Transfers
- Windows and DDoS
- Windows Caching Servers
- Windows DNS and High Availability
- Logging
- Conclusions
- Notes
Chapter 9. DNS outsourcing
- Abstract
- Introduction
- DNS Outsourcing
- Deciding How Much to Outsource
- Working Securely with a DNS Provider
- Monitoring DNS Infrastructure
- DNS Outsourcing and DDoS
- Conclusions
- Notes
Chapter 10. DNSSEC
- Abstract
- Introduction
- Background
- Cryptography Overview and TLS
- DNSSEC Protocol
- NXDOMAIN Responses
- Implementing DNSSEC on Linux
- Implementing DNSSEC on Windows
- Operating a DNSSEC Zone
- DNSSEC Criticisms
- Conclusions
- Notes
Chapter 11. Anycast and other DNS protocols
- Abstract
- Introduction
- Anycast Motivation
- Anycast
- Implementing Anycast
- Anycast and DDoS
- Multicast DNS
- DNS Service Discovery
- Tor Hidden Services
- Conclusions
- Notes
Index

Product details

Edition: 1
Latest edition
Published: June 14, 2016
Language: English

About the authors

Allan Liska

Allan Liska has more than 15 years of experience in the world of information security. Mr. Liska has worked both as a security practitioner and an ethical hacker, so he is familiar with both sides of the security aisle and, through his work at Symantec and iSIGHT Partners, has helped countless organizations improve their security posture using more effective intelligence.

In addition to security experience, Mr. Liska also authored the book The Practice of Network Security and contributed the security-focused chapters to The Apache Administrators Handbook.

Affiliations and expertise

Allan Liska, security practitioner, Symantec and iSIGHT.

Geoffrey Stowe

Geoffrey Stowe lives in San Francisco and is an Engineering Lead at Palantir Technologies. His network security work has included vulnerability research, reverse engineering, incident response, and anomaly detection. There was a time when he could translate byte code to assembly without looking at a manual. Geoff started Palantir’s commercial business in 2010 and built its first platforms for distributed, large scale data analysis. He graduated from Dartmouth College with a degree in computer science.

Affiliations and expertise

Engineer, Palantir Technologies

View book on ScienceDirect

Read DNS Security on ScienceDirect

Life Sciences

Physical Sciences & Engineering

Social Sciences & Humanities

Health