|
»
Library
»
Domain Name Service
|
Browsing Users: 33 «
|
|
Search
|
Rendering
BIND 8.2.3 Ultra Secure
How to securely install BIND 8.2.3 in a chroot jail with static binaries. |
| |
Chrooting
a DNS server on Solaris
In response to the ongoing problems with DNS, I choose to constrain
its operations via chroot. This document lays out the steps needed
to build, confine, and test a DNS server. This is somewhat Solaris
specific. |
| |
Dual
Rooted DNS Servers
On a firewall system it may be desireable to run dual dns servers.
This allows internal clients to have a local view of a domain, while
external clients have a different view, being served from a different
name server daemon/zone file. |
| |
DNS
Security
This paper will address security issues
involved with the DNS client/server architecture within a UNIX environment.
Suggestions on securing DNS by preventing unauthorized zone transfers
will also be discussed. |
| |
Chroot-BIND
HowTo
This document describes installing the BIND 8 nameserver to run in
a chroot jail and as a non-root user, to provide added security and
minimise the potential effects of a security compromise. |
| |
Using
BIND: Don't get spoofed again
With the recent publicity over
the DNS spoofing attack against the InterNIC, it's become painfully
obvious just how vulnerable the Internet's DNS infrastructure is.
This article will help you secure your servers that are exposed directly
to the Internet. |
| |
Addressing
Weaknesses in the DNS Protocol
An extremely thorough analysis of the problems and security weaknesses
in the current implementation of DNS. Includes an explanation
of how these weaknesses can be exploited to break into a system.
PS format. |
| |
DNS
and BIND Security Issues
A discussion of the problems that have plagued BIND and efforts to
correct them. |
| |
Coding
with the DNS Protocol
An excellent guide to C programming
for DNS on the UDP and TCP packet level. |
| |
|
|
