Talk With an Expert

The Evolving Threats to the Availability and Security of the Domain Name Service

The Evolving Threats to the Availability and Security of the Domain Name Service (PDF, 2.10MB)Published: 13 Dec, 2003
Created by:
John Holmblad

This objective of this paper provide a concise overview of the role of the Domain Name Server (DNS) system among the essential components that comprise the Internet and the World Wide Web as we know it today, and to examine the security related aspects of its operation and some of the key exploits that have been mounted in the last several years against the system and the services that it provides. Sections 2 to 4 of this paper focus on the reasoning behind the creation of DNS, sections 5 and 6 discuss the network architecture and implementation of DNS, Section 7 reviews a number of vulnerabilities that have been discovered in various implementations of DNS server software, while section 8 does the same with respect to DNS client software, section 9 describes numerous ways in which DNS servers can be made less vulnerable to attack through various 'hardening' techniques while section 10 section provides the same for the client side. Section 11 provides a quick synopsis of other implementations of DNS besides the dominant one known as BIND and section 12 provides a perspective on the future of DNS.