DNS Security (eBook)
226 pages
Elsevier Science (publisher)
978-0-12-803339-5 (ISBN)
Allan Liska has more than 15 years of experience in the world of information security. Mr. Liska has worked both as a security practitioner and an ethical hacker, so he is familiar with both sides of the security aisle and, through his work at Symantec and iSIGHT Partners, has helped countless organizations improve their security posture using more effective intelligence. In addition to security experience, Mr. Liska also authored the book The Practice of Network Security and contributed the security-focused chapters to The Apache Administrators Handbook.
DNS Security: Defending the Domain Name System provides tactics on how to protect a Domain Name System (DNS) framework by exploring common DNS vulnerabilities, studying different attack vectors, and providing necessary information for securing DNS infrastructure. The book is a timely reference as DNS is an integral part of the Internet that is involved in almost every attack against a network. The book focuses entirely on the security aspects of DNS, covering common attacks against DNS servers and the protocol itself, as well as ways to use DNS to turn the tables on the attackers and stop an incident before it even starts.
- Presents a multi-platform approach, covering Linux and Windows DNS security tips
- Demonstrates how to implement DNS Security tools, including numerous screenshots and configuration examples
- Provides a timely reference on DNS security, an integral part of the Internet
- Includes information of interest to those working in DNS: Securing Microsoft DNS and BIND servers, understanding buffer overflows and cache poisoning, DDoS Attacks, pen-testing DNS infrastructure, DNS firewalls, Response Policy Zones, and DNS Outsourcing, amongst other topics
Front Cover
DNS Security
Copyright Page
Dedication
Contents
About the Authors
Acknowledgments
1 Understanding DNS
Introduction
DNS History
The Hosts.txt File
Mail Problems
RFC 819 and 920
On to Commercialization
The Root
Recursive and Authoritative Servers
Recursive Name Servers
Authoritative Name Servers
Zone Files
Resource Records
Address Records
Canonical Name Records
Mail Exchanger Records
Name Server Records
Pointer Records
Host Info Records
Server Records
Text Records
Conclusions
Notes
2 Issues in DNS security
Introduction
A Brief History of DNS Security Breaches
Why Is DNS Security Important?
Common DNS Security Problems
Developing a DNS Security Plan
Notes
3 DNS configuration errors
Introduction
DNS Server Vulnerabilities
Fingerprinting DNS Servers
Buffer Overflows, Race Conditions, and Execution with Unnecessary Privileges
Human Errors
Conclusions
4 External DNS exploits
Introduction
Cache Poisoning
Web Browser Caching
DNS Spoofing
DDoS Attacks Using DNS
Using DNS as a Command and Control or Exfil Channel
Conclusions
Notes
5 DNS reconnaissance
Introduction
WHOIS
Sources of Whois Data
Mapping DNS Infrastructure
DNS Fingerprinting
Reverse DNS
DNS Cache Snooping
Passive DNS
Collection of Query Data
Conclusions
Notes
6 DNS network security
Introduction
Locating DNS Servers
Public and Private DNS Infrastructure
Logging and Monitoring DNS Traffic
Flagging Bad Domains
Flagging DNS Queries
DNS and the SIEM
Passive DNS
Fast-Flux Domains
DNS Firewalls and RPZ
Blacklists, Whitelists, and Other DNS Threat Intelligence
Conclusions
Notes
7 BIND security
Introduction
Running BIND in a chroot Jail
Fingerprint Evasion Techniques
Response Rate Limiting
Queries and Transfers
Using TSIG to Sign Zone Transfers
Response Policy Zones
Logging
Conclusions
Notes
8 Windows DNS security
Introduction
Securing Windows DNS Files
Dynamic DNS Control
Queries and Transfers
DNS on Windows Workstations
Windows and DDoS
Windows Caching Servers
Windows DNS and High Availability
Windows Setup Instructions
Restoration Time
Security Implications
Logging
Windows Log Analysis
Conclusions
Notes
9 DNS outsourcing
Introduction
DNS Outsourcing
Deciding How Much to Outsource
Managed DNS
Split DNS
Outsourcing Recursive DNS
Working Securely with a DNS Provider
Monitoring DNS Infrastructure
DNS Outsourcing and DDoS
Conclusions
Notes
10 DNS security extensions
Introduction
Background
Cryptography Overview and TLS
DNSSEC Protocol
NXDOMAIN Responses
Implementing DNSSEC on Linux
Implementing DNSSEC on Windows
Operating a DNSSEC Zone
Managing Key Validity Times
DNSSEC Look-Aside Validation
Other Uses of DNSSEC
DNSSEC and DDoS Amplification
DNSSEC Criticisms
Conclusions
Notes
11 Anycast and other DNS protocols
Introduction
Anycast Motivation
Anycast
Implementing Anycast
Anycast and DDoS
Multicast DNS
DNS Service Discovery
Tor Hidden Services
BitTorrent/P2P DNS
Conclusions
Notes
Index
Back Cover
| Publication date (per publisher) | 10 June 2016 |
|---|---|
| Language | English |
| Subject area | Computer Science ► Networks ► Security / Firewall |
| ISBN-10 | 0-12-803339-8 / 0128033398 |
| ISBN-13 | 978-0-12-803339-5 / 9780128033395 |
Copy protection: Adobe DRM
Adobe DRM is a copy-protection scheme intended to protect the eBook against misuse. The eBook is authorized to your personal Adobe ID at download time. You can then read the eBook only on devices that are also registered to your Adobe ID.
File format: EPUB (Electronic Publication)
EPUB is an open standard for eBooks and is particularly well suited to fiction and non-fiction. The body text adapts dynamically to the display and font size, which also makes EPUB a good fit for mobile reading devices.
System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need a
eReader: This eBook can be read on (almost) all eBook readers. It is not compatible with the Amazon Kindle, however.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need a