DNS Security and Vulnerabilities: The Complete Documentation

  • This category contains 13 Papers
  • The last paper was added on 2007-03-26 (YYYY-MM-DD)

Achilles Heal of DNS (The)

Published on August 02, 2001, by Christopher Irving, ©SANS Institute.

One of the four categories of Denial of Service (DoS) attacks listed by Scambray, McClure, and Kurtz is Routing and DNS attacks (1). This refers to attacks which corrupt the information these systems use to perform their functions. Information Poisoning, though more general, is a more accurate term for categorizing these types of attacks. It is also more inclusive of attacks such as ARP Poisoning which employ similar tactics and are possible because of a common vulnerability. Each of the protocols associated with these attacks either completely lacks or has very poor methods of authentication. Attackers capitalize on this weakness to undermine the trust relationship between two systems. This paper will attempt to illustrate consequences of this deficiency. Buffer overflows and other attacks on specific software that implement DNS will not be covered.

Addressing Weaknesses in the Domain Name System Protocol

Published on August 1993, by Christoph Schuba, ©Purdue University.

This thesis describes problems with the DNS and one of its implementations that allow the abuse of name based authentication. This leads to situations where the name resolution process cannot be trusted, and security may be compromised.

Basics of DNSSEC (The)

Published on 2004-10-14, by Ibrahim Haddad and David Gordon, ©O'Reilly Media, Inc.

The Domain Name System (DNS) is one of the Internet's fundamental building blocks. It is responsible for locating and translating Internet domain names into Internet Protocol (IP) addresses. A domain name is a meaningful and easy-to-remember "handle" for an Internet address.

Bound by Tradition: A Sampling of the Security Posture of the Internet's DNS Servers

Published on February 2003, by Mike Schiffman, ©PacketFactory.

DNS servers across the Internet running BIND® are not up to date with security patches and software updates. As a result, a significant fraction of the Internet's DNS servers is vulnerable to compromise, subversion, denial of service, and general misuse. Considering that DNS is the lynchpin of the corporate enterprise, the impact of these vulnerabilities is significant and a successful attack could bring down any online business.

Defense in Depth for DNS

Published on February 13, 2003, by Cheng Teoh, ©SANS Institute.

The Domain Name System (DNS) is one of the key components of the Internet and most IP networks, for that matter. Despite its importance, not many people have even heard of DNS, much less know what it is and how to keep it secure. For the sake of the uninitiated, DNS is analogous to a telephone directory for the Internet. DNS translates the server names, that humans are more likely to remember, to IP addresses, which computers use to navigate through the Internet.

DNS Cache Poisoning - The Next Generation

Published on 2003-01-20, by Joe Stewart, ©LURHQ Corporation.

The old problem of DNS cache poisoning has again reared its ugly head. While some would argue that the domain name system protocol is inherently vulnerable to this style of attack due to the weakness of 16-bit transaction IDs, we cannot ignore the immediate threat while waiting for something better to come along. There are new attacks, which make DNS cache poisoning trivial to execute against a large number of nameservers running today. The purpose of this article is to shed light on these new attacks and recommend ways to defend against them.

DNS Security Considerations and the Alternatives to BIND

Published on October 02, 2001, by Seng Chor, Lim, ©SANS Institute.

This paper discusses the important considerations of DNS security. Due to the continuous break-ins to BIND© 8 (one of the most popular choices of DNS server) in the past, this paper proposes either (a) securing your BIND© 8 by running as an unprivileged user with chrooting into jail, (b) upgrading to BIND© 9 and securing it running as an unprivileged user with chrooting into jail or (c) switching to other alternatives. By the end of this paper, the reader will have some ideas on a more secure implementation of the DNS server.

DNS Spoofing (Malicious Cache Poisoning)

Published on November 12, 2000, by Doug Sax, ©SANS Institute.

DNS Spoofing is best described as a DNS name server making use of false information received from a host that is not the authority for that information. It's a significant security threat to those organizations that have not taken steps to protect against it. DNS Spoofing can allow attackers to access a site's e-mail, it can cause users to be redirected to the wrong web sites, or even be the opening move in a denial of service attack.

Flat Footed Hacker (The)

Published on September 17, 2001, by Joe Klemenci, ©SANS Institute.

You have a firewall protecting your resources from the Internet. You operate a proxy server for your users to access the Internet without them having to directly touch the Internet. You are diligent with the latest system patches. Even through your efforts, are you still leaking too much information out to the bad guys?

How Secure are the Root DNS Servers?

Published on May 06, 2003, by Susan Baranowsk, ©SANS Institute.

On October 21, 2002, the Internet was the target of a Distributed Denial of Service (DDoS) attack. The extent and scope of the impact has been the subject of several forums. Primarily, these discussions have centered on how vulnerable are the venerable root name servers that are at the top of the Internet hierarchy. This attack impacted 9 of the 13 root name servers. This paper is meant to provide the reader with insight into what the root server is and how the root name servers system operates; the threats to which the root servers are vulnerable, what countermeasures have been implemented for protection; a summary of the October 21, 2002 incident; and industry analysis of the root name server system. This paper is intended as an overview for a general audience. References and links are provided for those who want more technical insight. The purpose is to provide the current state of the root name server system and its operation.

Securing an Internet Name Server

Published on August 2002, by Allen Householder, Brian King, ©CERT.

The goal of this document is to discuss general name server security. However, in order to provide useful examples we have chosen to focus on BIND© since it is the most commonly used software for DNS servers.

Understanding and Attacking DNS

Published on 2004-05-13, by Wezel, ©Wezel.

The Domain Name System (DNS) is a distributed resource used by most every network application. DNS data is generally trusted implicitly; false data therefore can jeopardize the integrity of network traffic and allow attackers to play man-in-the-middle with all traffic. DNS security depends on the client, server, and their respective trust relationship. Securing the trust relationship and building a reliable server can create a reliable and secure DNS structure for the system administrator behind your corporate and private communication requirements. Security of a DNS server varies according to its active role and name resolution requirements. Server responsibilities can be classified as one of three types. Depending on the need of the server, one specific role should be chosen; in particular situations, multiple roles can be supported simultaneously on one physical server. In this shared configuration, authoritative and resolver servers are generally together. Running an individual server for each DNS role is ideal, specifically in a large production environment. After understanding the individual roles and mechanics between each server and experiencing problems individually, an administrator can securely and reliably maintain multiple DNS roles on a single system. DNS security is custom for each type of server, each type of communication, and each common software distribution, all of which will be explained in this article via an in-depth walkthrough.

Why is securing DNS zone transfer necessary?

Published on March 31, 2003, by Steve Lau, ©SANS Institute.

Domain Name System (DNS) is a vital and critical component of the Internet. Users often do not know anything about DNS, but they definitely use it every time they are on the Internet. DNS is the mechanism that translates IP address 192.168.1.200 to a name www.somewhere.com and vice versa. It is much easier for someone to remember a name such as www.somewhere.com than an IP address. Electronic mail, web browsing, ftp, and any other Internet related applications rely on DNS.

Created: 2010-03-16 00:25 | Modified: 2009-01-10 02:17 | Size: 35486 octets
