E-book, English, 226 pages
Liska / Stowe DNS Security
1st edition 2016
ISBN: 978-0-12-803339-5
Publisher: Elsevier Science & Techn.
Format: EPUB
Copy protection: 6 - ePub Watermark
Defending the Domain Name System
DNS Security: Defending the Domain Name System provides tactics on how to protect a Domain Name System (DNS) framework by exploring common DNS vulnerabilities, studying different attack vectors, and providing necessary information for securing DNS infrastructure. The book is a timely reference as DNS is an integral part of the Internet that is involved in almost every attack against a network. The book focuses entirely on the security aspects of DNS, covering common attacks against DNS servers and the protocol itself, as well as ways to use DNS to turn the tables on the attackers and stop an incident before it even starts.
- Presents a multi-platform approach, covering Linux and Windows DNS security tips
- Demonstrates how to implement DNS Security tools, including numerous screen shots and configuration examples
- Provides a timely reference on DNS security, an integral part of the Internet
- Includes information of interest to those working in DNS: Securing Microsoft DNS and BIND servers, understanding buffer overflows and cache poisoning, DDoS Attacks, pen-testing DNS infrastructure, DNS firewalls, Response Policy Zones, and DNS Outsourcing, amongst other topics
Allan Liska has more than 15 years of experience in the world of information security. Mr. Liska has worked both as a security practitioner and an ethical hacker, so he is familiar with both sides of the security aisle and, through his work at Symantec and iSIGHT Partners, has helped countless organizations improve their security posture using more effective intelligence. In addition to security experience, Mr. Liska also authored the book The Practice of Network Security and contributed the security-focused chapters to The Apache Administrators Handbook.
Further information & material
Front Cover
DNS Security
Copyright Page
Dedication
Contents
About the Authors
Acknowledgments
1 Understanding DNS
  Introduction
  DNS History
    The Hosts.txt File
    Mail Problems
    RFC 819 and 920
    On to Commercialization
  The Root
  Recursive and Authoritative Servers
    Recursive Name Servers
    Authoritative Name Servers
  Zone Files
  Resource Records
    Address Records
    Canonical Name Records
    Mail Exchanger Records
    Name Server Records
    Pointer Records
    Host Info Records
    Server Records
    Text Records
  Conclusions
  Notes
2 Issues in DNS security
  Introduction
  A Brief History of DNS Security Breaches
  Why Is DNS Security Important?
  Common DNS Security Problems
  Developing a DNS Security Plan
  Notes
3 DNS configuration errors
  Introduction
  DNS Server Vulnerabilities
  Fingerprinting DNS Servers
  Buffer Overflows, Race Conditions, and Execution with Unnecessary Privileges
  Human Errors
  Conclusions
4 External DNS exploits
  Introduction
  Cache Poisoning
    Web Browser Caching
  DNS Spoofing
  DDoS Attacks Using DNS
  Using DNS as a Command and Control or Exfil Channel
  Conclusions
  Notes
5 DNS reconnaissance
  Introduction
  WHOIS
    Sources of Whois Data
  Mapping DNS Infrastructure
  DNS Fingerprinting
  Reverse DNS
  DNS Cache Snooping
  Passive DNS
  Collection of Query Data
  Conclusions
  Notes
6 DNS network security
  Introduction
  Locating DNS Servers
  Public and Private DNS Infrastructure
  Logging and Monitoring DNS Traffic
  Flagging Bad Domains
    Flagging DNS Queries
    DNS and the SIEM
  Passive DNS
    Fast-Flux Domains
  DNS Firewalls and RPZ
  Blacklists, Whitelists, and Other DNS Threat Intelligence
  Conclusions
  Notes
7 BIND security
  Introduction
  Running BIND in a chroot Jail
  Fingerprint Evasion Techniques
  Response Rate Limiting
  Queries and Transfers
    Using TSIG to Sign Zone Transfers
  Response Policy Zones
  Logging
  Conclusions
  Notes
8 Windows DNS security
  Introduction
  Securing Windows DNS Files
  Dynamic DNS Control
  Queries and Transfers
    DNS on Windows Workstations
  Windows and DDoS
  Windows Caching Servers
  Windows DNS and High Availability
    Windows Setup Instructions
    Restoration Time
    Security Implications
  Logging
    Windows Log Analysis
  Conclusions
  Notes
9 DNS outsourcing
  Introduction
  DNS Outsourcing
  Deciding How Much to Outsource
    Managed DNS
    Split DNS
    Outsourcing Recursive DNS
  Working Securely with a DNS Provider
  Monitoring DNS Infrastructure
  DNS Outsourcing and DDoS
  Conclusions
  Notes
10 DNS security extensions
  Introduction
  Background
  Cryptography Overview and TLS
  DNSSEC Protocol
  NXDOMAIN Responses
  Implementing DNSSEC on Linux
  Implementing DNSSEC on Windows
  Operating a DNSSEC Zone
    Managing Key Validity Times
    DNSSEC Look-Aside Validation
    Other Uses of DNSSEC
    DNSSEC and DDoS Amplification
  DNSSEC Criticisms
  Conclusions
  Notes
11 Anycast and other DNS protocols
  Introduction
  Anycast Motivation
  Anycast
  Implementing Anycast
  Anycast and DDoS
  Multicast DNS
  DNS Service Discovery
  Tor Hidden Services
    BitTorrent/P2P DNS
  Conclusions
  Notes
Index
Back Cover