Relevance and protection regarding dns attacks, Computer Networking

Relevance and Protection regarding DNS Attacks

While discussing about the relevance and protection of the database, there are many things which need to consider. Almost, may of the issues be able to be addressed with the new updated version or can say the new release of bind.  But according to menandmice.com, the threat is still real:

“A lot of other alarming surveys are available on this website “

Another suitable solution can be the DNS SEC, which is a proposition for secure DNS transactions. Although, this approach generally solves almost all the protocol problems. But because of backward compatibility reason, sometimes, this is not implemented and hence the other alternatives are needed to be discovered by the current network administrator. In order to save or can say to secure the group of servers or simple the DNS; there are many alternatives which can be opted.

Following are measures can be taken in order to escape form the above stated problems of can say the issues

  • In order to prevent spoofing, recursive queries need to be controlled and hence should be forbidden.
  • Maximum updating of that BIND is good hence this process hold be incremented as many as possible.
  • Managing  all the servers in the single and same subnet not only increase the effort for hard management but it also results in the single point failure problem, which need to be overcome by dividing the server in to different subnets. This happens same in the case of routers as well as leased lines.
  • Restrict the possible queries and the possible hosts who are allowed to query to the minimum.

 

While discussing about the processing of the DNS, there is one specific service which is used to synchronize with the primary server is the request (AXFR).  In real since, this services can be hacked in order to get the required information regarding zone transfer and hence all the data of the current DNS can be accessed. This will allow the hacked to gather or can say collect all the associated information regarding the victim’s network. In order to protect this kind of hacking, the good way is to put this feature off in order to restrict it to specific host.

There is another best alternative which can be adopted in order to protect the DNs is the mechanism of Divide and conquer strategy used in the DNS architecture.  The main principal of this strategy is generally contains two major process. The initial one divides or can say diverges the Domain name System (DNS system in order to result in to two parts, out of which the one perform the function of mapping which will be from name to address and the other that is the second part will perform the process for the requesting the incoming which are generally from the internal or can say from the host which are trusted. This is the reason, in the case of external Domain Name System, if the hacked process is applied to external DNS, to the internal hosts,the service provider won’tbe affected at least.

Posted Date: 3/1/2013 3:06:20 AM | Location : United States







Related Discussions:- Relevance and protection regarding dns attacks, Assignment Help, Ask Question on Relevance and protection regarding dns attacks, Get Answer, Expert's Help, Relevance and protection regarding dns attacks Discussions

Write discussion on Relevance and protection regarding dns attacks
Your posts are moderated
Related Questions
A default route is analogous to a default gateway. It is used to decrease the length of routing tables and to give complete routing capabilities when a router may not know the rout

What is the full form of FDM and TDM It is both. Each of the 100 channels is possess its own frequency band (FDM), and on every channel two logical streams are intermixed by th

Mail Message  Format When an e mail  is sent from one person  to another  a header containing peripheral information precedes  the body  of the message itself. This contained

Speed Up:- Speed up is the ratio of the time required to implement a given program using a definite algorithm on a machine with one processor (i.e. T (1) (where n=1)) to the ti

Q. Show the Masking process? Masking Take out the address of the physical network from an IP address Used by routers inside the organization

What is Synchronous TDM? In STDM, the multiplexer allocates exactly the same time slot to every device at all times, whether or not a device has anything to transmit.

It is an additional 16-bit number which uniquely identifies the specific service on any given machine on the Internet. Port numbers are 16 bit wide, so each of the computers on the

In quantum computing, we use the method of qubits, superposition and coherence. A normal bit can be in only two states - 0 and 1. But a qubit it can be in 0, 1, or in the superposi

show ipx servers is the command that shows the SAP table

An ATM network is created from interconnected ATM switches. The attachment ports or points can be connected to computers or other ATM switches. As cells reach at an ATM switch, the