The DNS protocol is peculiar. It's one of the oldest, most universally used, and most crucial of all networking protocols, but it's still the source of many network security problems. DNS has some fundamental limitations, but there's no reason for it to be the weakest link in your organization's security. Perhaps it's DNS's apparent simplicity that breeds complacency toward DNS security. It's easy to set up a DNS server and forget about it, but an incorrectly configured and neglected DNS serverrncan be a significant security problem. DNS services, as providers of network information, will always be targets for reconnaissance and information gathering, but careful planning and vigilance will minimize the risk of malicious hackers using your own servers against you. You can do much to build a solid and secure DNS infrastructure on your network, whether you're using Microsoft DNS or BIND.
展开▼
