SANS InfoSec Reading Room - DNS Issues
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact
webmaster@sans.org.
Featuring 13 papers as of Feb 10, 2010
Reducing the Risk of DNS Cache Poisoning via the Kaminsky DNS Vulnerability
NitroSecurity - April 2009
CURRENT ISSUES IN DNS
- By: Craig Wright (posted on December 30, 2008)
-
DNS Spoofing by The Man In The Middle
- By: Ian Green (posted on May 5, 2005)
-
This paper is based on a vulnerability in the Windows XP DNS resolver. While other parties have recently published this vulnerability, the vulnerability was independently discovered during research for this paper.
The Evolving Threats to the Availability and Security of the Domain Name Service
- By: John Holmblad (posted on December 13, 2003)
-
This paper provides an overview of the role of the Domain Name Server (DNS) system among the essential components that comprise the Internet and the World Wide Web as we know it today, examines the security related aspects of its operation, along with some of the key exploits that have been mounted in the last several years against the system and the services that it provides.
DNS, DNSSEC and the Future
- By: David Hinshelwood (posted on October 31, 2003)
-
The aim is to mitigate the risks of mis-configuration and attack so down time is kept to a minimum or compensated for by reducing the single point of failure.
Security Issues with DNS
- By: Florent Carli (posted on October 31, 2003)
-
This document first reviews some basics about how DNS works, then goes into explaining the different ways a hacker can attack the DNS protocol implementation to use it to his own advantage.
The Achilles Heal of DNS
- By: Christopher Irving (posted on October 31, 2003)
-
This paper will attempt to illustrate consequences of protocols associated with Routing and DNS attacks which either completely lacks or has very poor methods of authentication.
DNS Security Considerations and the Alternatives to BIND
- By: Lim Seng Chor (posted on October 31, 2003)
-
This paper discusses important considerations regarding DNS Security.
Current Issues in DNS Security: ICANN's November 2001 Annual Meeting
- By: James Sweetman (posted on October 31, 2003)
-
After a brief, policy-level introduction to DNS and ICANN, this paper summarizes the results of a 4-day meeting held during November 2001, on DNS security issues addressing: existing DNS security measures, security risks in the DNS and number management, and the responses by ICANN and the community.
Defense in Depth for DNS
- By: Cheng Teoh (posted on October 31, 2003)
-
This paper will focus on security for the most widely used DNS server on the Internet, namely the Berkeley Internet Name Domain (BIND).
Why is securing DNS zone transfer necessary ?
- By: Steve Lau (posted on October 31, 2003)
-
This paper will focus on the reason for securing DNS zone transfers between DNS Name Servers, concentrating on the use of allow-transfer statement in Berkley Internet Name Domain (BIND) DNS to accomplish the goal of preventing DNS poisoning or spoofing.
Installation of a Red Hat 9.0 server with DNS services, emphasising security
- By: Mark Chandler (posted on October 31, 2003)
-
This paper seeks to provide an edited account of the work done by the author to create a minimal-install, primary DNS server based on a Linux platform including some discussion as to why certain decisions were made and the reasons for the method used to build the system.
How Secure are the Root DNS Servers?
- By: Susan Baranowski (posted on October 31, 2003)
-
This paper addresses the current state of the root name server system and its operation.
GIAC certs are concerned with real applications and principles, rather than vendor products and implementations.
-Rob VandenBrink