All
All

Minimizing Information Leakage in the DNS

497 KB | 3 files |  PDF

Signature-based DNS security extensions have given hackers a way to scope out information on networks before they begin a direct attack. This paper looks at methods for mitigating this risk while still using DNSSEC to augment Internet security.

The Domain Name System is the global lookup service for network resources. To protect DNS information, the DNS security extensions have been developed and deployed on branches of the DNS to provide authentication and integrity protection using digital signatures. However, signed DNS nodes were found to have an unfortunate side effect: An attacker can query them as reconnaissance before attacking hosts on a particular network.

There are different ways a zone administrator can minimize information leakage and still take advantage of DNSSEC for integrity and source authentication. This article from the National Institute of Standards and Technology describes the risk and examines the protocol and operational options and looks at their advantages and drawbacks.

Included in this zip file are:

  • Minimizing Information Leakage in the DNS.pdf
  • Intro Doc.pdf
  • Terms and Conditions.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology» | Visit National Institute of Standards and Technology »
Related IT Downloads

Misc43 Guidelines for Smart Grid Cybersecurity

This three-volume report presents an analytical framework that organizations can use to develop effective cybersecurity strategies tailored to their particular combinations of smart grid-related characteristics, risks, and vulnerabilities. ...  More >>

Money3 PCI Compliance: The Definitive Guide

In this excerpt from chapter 20, the author briefly discusses the challenges and success factors that the organization must be aware of to maintain compliance and achieve optimum information security for the enterprise. ...  More >>

Approximate Matching: Definition and Terminology

Approximate matching is a promising technology designed to identify similarities between two digital artifacts. This can be very useful for filtering data for security monitoring and digital forensics. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data


Close
Thanks for your registration, follow us on our social networks to keep up-to-date