Windows DNS Security Overview
The Windows DNS Security Overview
Save the world with DNSSEC. Perhaps a little dramatic.
But consider this. Info World and Computerworld blamed a recent major Distributed Denial of Service or DDOs attack that affected thousands of servers, computers and users on poorly configured DNSSEC servers for the outage.
And in this article, a leader in the DNS community warn us of the perils of not updating our servers and not using DNS Security.
What is DNSSEC - Domain Name System Security Extensions (DNSSEC) is a suite of extensions that add security to the Domain Name System (DNS) protocol by enabling DNS responses to be validated
Why do we need to worry about deploying DNSSEC? (Domain Name Security
Extensions). Because DNS does not offer any form of security, it is vulnerable to spoofing, man-in-the-middle, and cache poisoning attacks. Attacks of this kind can compromise all future communications to the host. For this reason, it has become critical to develop a means for securing DNS.
DNSSEC fixes Cache poisoning, which is a long standing potentially crippling vulnerability in the Domain Name System - Cache Poisoning is inducing a name server to cache bogus resource records. Those records might map the domain name of a popular website -- say, www.amazon.com -- to the IP address of a Web server under the control of thieving hackers. That Web server may serve content that's indistinguishable from Amazon’s real content; in fact, the Web server may just proxy content from the real www.amazon.com. Unsuspecting users may ente…
No comments yet. Add the first comment to start the discussion.