Talk With an Expert

Why is securing DNS zone transfer necessary ?

Why is securing DNS zone transfer necessary ? (PDF, 2.01MB)Published: 31 Mar, 2003
Created by
Steve Lau

Domain Names System (DNS) is a vital and critical component of the Internet. Users often do not know anything about DNS, but they definitely use it every time they are on the Internet. DNS is the mechanism that translates IP address 192.168.1.200 to a name www.somewhere.com and vice versa. It is much easier for someone to remember a name such as www.somewhere.com than an IP address. Electronic mail, web browsing, ftp, and any other Internet related applications rely on DNS. What can be done to secure your DNS information? DNS queries, zone transfers, and dynamic updates can be secured. This paper will focus on the reason for securing DNS zone transfers between DNS Name Servers. It will concentrate on the use of allow-transfer statement in Berkley Internet Name Domain (BIND) DNS to accomplish the goal of preventing DNS poisoning or spoofing.