DNSSEC: DNS Security Extensions
Securing the Domain Name System
 Dnssec.net
DNS Threats & DNS Weaknesses
DNSSEC.NET BIND9.NET BGP4.AS HONEYPOTS.NET WARDRIVE.NET FORENSICS.NL SECURITYBOOKS NETWORKINGBOOKS
Securing the Domain Name System with DNSSEC DNS, BIND, DHCP, LDAP Resource Directory Border Gateway Protocol and Advanced Routing Intrusion Detection, Honeypots & Incident Response Wireless LAN (802.11) Security and Wardriving Computer Forensics and Cybercrime Resources The Computer Security Bookstore The Networking & Sysadmin Bookstore


 All about DNSSEC
Why Deploy DNSSEC
DNSSEC Papers, Articles
DNSSEC Presentations
DNSSEC Research
DNS Threats & Weaknesses
DNSSEC News & Announcements

 DNSSEC Software & Practical
DNSSEC Software & Tools
DNSSEC Projects, Testbeds
DNSSEC Setup & Implementation
DNSSEC Training, Workshops

 IETF Protocol Reference (RFC)
DNSSEC related RFCs (IETF)
Home - About - Contact

Always handy:
DNSSEC Intro RFC (RFC 4033)
DNSSEC Records RFC (RFC 4034)
DNSSEC Protocol RFC (RFC 4035)
DNSSEC NSEC3 RFC (RFC 5155)
DNSSEC + EPP RFC (RFC 5910)
DNSSEC Operational Practices
The RFC Archive






** BIND & DNSSEC Training **
from the Experts!
Internet Systems Consortium (ISC) is excited to announce a new DNSSEC Training.

The ISC DNSSEC Technical Workshop covers DNSSEC Implementation and Deployment.

Complete international training schedule is available here. On-site trainings are also possible.

 DNS Threats & Weaknesses of the Domain Name System

Related Reading
DNS Links & Whitepapers
DNSSEC Publications, Whitepapers, Articles
DNSSEC Presentations
Health of the Domain Name System

2008 DNS Cache Poisoning Vulnerability
Kim Davies, ICANN, Nov 2008

Addressing Weaknessess in the Domain Name System Protocol
Christoph Schuba, Aug 1993

Anatomy of Recent DNS Reflector Attacks from the Victim and Reflector Points of View
Frank Scalzo, NANOG-37 Meeting, Jun 2006

Attack and Contingency Response Planning for ccTLDs: A Primer on Cyber Threats to ccTLDs
Chris Fogle, Chris Evans, Oct 2008

Attacking Distributed Systems - The DNS Case Study
Dan Kaminsky, 2003

Botnets and Packet Flooding DDoS Attacks on the Domain Name System
John Kristoff, Rodney Joffee, May 2007

Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority
David Dragon, Niels Provos, Christopher P. Lee, Wenke Lee, Feb 2008

Dan Kaminsky on the vulnerability he discovered in DNS - Full details (Powerpoint)
Dan Kaminsky, Black Hat Conference, Aug 2008

Deploying DNS Security (Powerpoint)
Dan Massey, Russ Mundy, May 2003

Detection and Prevention of DNS Query PTR record-based Distributed Denial-of-Service Attacks
Yasuo Musashi, Ryuichi Matsuba, Kenichi Sugitani, 2004

DNS Amplification Attacks
Randal Vaughn, Gadi Evron, Mar 2006

DNS Amplification Attacks
Matsuzaki Yoshinobu, RIPE-52 Meeting, Apr 2006

DNS Attacks Attempt to Mislead Customers
Robert Lemos, Channel Register, Apr 2005

DNS Amplification Variation Used in Recent DDoS Attacks
Don Jackson, Feb 2009

DNS Cache Poisoners - Lazy, Stupid, or Evil?
Presentation, Duane Wessels, NANOG-36 Meeting, Feb 2006

DNS Cache Poisoning
Wikipedia

DNS cache poisoning bugs hits Symantec shops
John Leyden, The Register, Mar 2005

DNS Cache Poisoning - The Next Generation
Article, Joe Stewart, Jan 2003

DNS Cache Snooping: Snooping the Cache for Fun and Profit
Luis Grangeia, Feb 2004

DNS Distributed Denial of Service (DDoS) Attacks
ICANN Security and Stability Advisory Committee, SSAC Advisory SAC008, Mar 2006

DNS Faces Old and New Cyberthreats
Michael Arnone, FCW.com Article, Aug 2005

DNS Monkey-in-the-Middle Attack
Kazunori Fujiwara, Feb 2005

DNS 'Pharming' Attacks Target .com Domain
Paul Roberts, ComputerWorld Article, Apr 2005

DNS Poisoning and Domain Hijacking
Article, informIT, Aug 2002

DNS Poisoning Scam Raises Wariness of 'Pharming'
Rich Miller, Netcraft, Mar 2005

DNS Root Attack on 6th Feb 2007 - End User View
Matsuzaki 'maz' Yoshinobu, NANOG-40 Meeting, Jun 2007

DNS Security, Present and Future
Edward Lewis, Nov 2001

DNS Security Update
Article, ICANN, Jan 2002

DNS Servers: An Internet Achilles' Heel
Joris Evers, CNET article, Aug 2005

DNS Spoofing (Malicious Cache Poisoning)
Doug Sax, 2002

DNS Spoofing Techniques
Spacefox/Secure Sphere Crew, Jan 2002

DNS Survey: Cache Poisoners
The Measurement Factory, 2006

DNS Survey: Open Resolvers
The Measurement Factory, 2006

DNS Threat Analysis
Mark Santcroos, Olaf Kolkman, May 2007

DNSSEC: Basics, Risks and Benefits (Powerpoint)
Olaf Kolkman, Feb 2005

DNSSEC Overview, Issues and Status (Powerpoint)
Russ Mundy, Apr 2005

DNSSEC: Theory and Worldwide Operational Experiences (includes DNS Attack Examples)
Paul Wouters, Nov 2007

Domain Name Hijacking: Incidents, Threats, Risks, and Remedial Actions
ICANN Security and Stability Advisory Committee (SSAC), Jul 2005

Domain Name System (DNS) Security
Diane Davidowicz, 1999

Failles Intrinsèques du Protocole DNS (DNS Intrinsic Security Flaws) (in French)
Pierre Betouin, Oct 2003

How Secure are the Root DNS Servers?
Susan Baranowski, Mar 2003

Internet Infrastructure Security and Stability (Powerpoint)
Steve Crocker, Jan 2004

Monitoring DNS Cache Poisoning Attacks
Tsuyoshi Toyono, Keisuke Ishibashi, Sep 2008

Multiple DNS Implementations Vulnerable to Cache Poisoning (CERT VU#800113 / "Dan Kaminsky attack")
Alan Clegg, ISC, Jul 2008

Open Resolvers and the Threat of Reflection Attacks
John Kristoff, Sep 2006

Patching Nameservers: Austria reacts to the US-CERT VU#800113 DNS Vulnerability
Otmar Lendl, L. Aaron Kaplan, CERT Austria, Jul 2008

Perils of Transitive Trust in the Domain Name System
Venugopalan Ramasubramanian, Emin Gün Sirer, Oct 2005

Preventing Future Attacks: Alternatives in DNS Security Management - Part I
Patricia Steadman, CircleID Magazine, Nov 2002

Protecting Browsers from DNS Rebinding Attacks
Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, Dan Boneh, Oct 2007

Redirection in the COM and NET Domains
ICANN Security and Stability Advisory Committee (SSAC), Jul 2004

Risks and Security for the Domain Name System
Allison Mankin, Marcus Sachs, Jul 2005

Securing Your DNS Infrastructure
Alex Drescher, Tim Rooney, Jan 2005

Sécurisation du DNS: les extensions DNSSEC (in French)
Betrand Léonard, AFNIC/projet IDsA

Security Issues with DNS
Florent Carli, Sans InfoSec Reading Room, Jun 2003

Signposts in Cyberspace: The Domain Name System and Internet Navigation
Online publication, Committee on Internet Navigation and the Domain Name System, Mar 2005

Signposts in Cyberspace: The Domain Name System and Internet Navigation
Committee on Internet Navigation and the Domain Name System, RIPE-50 Meeting, May 2005

Spoof This!
Simson Garfinkel, Hotwired, 1997

Standard For Securing Domain Name System Nears Finalization
Antone Gonsalves, InternetWeek.com, Nov 2003

The Achilles Heal of DNS
Christopher Irving, Aug 2001

The Continuing Denial of Service Threat Posed by DNS Recursion
US-CERT, 2005

The Evolving Threats to the Availability and Security of the Domain Name System
Paper, John Holmblad, Oct 2003

The Internet Gets a Patch, as DNS Bug Is Fixed
Robert McMillan, PC World Magazine, Jul 2008

The Large-Scale Threat of Bad Data in DNS
Jason Coombs, Aug 2002

The State of the Art in DNS Spoofing
U. Steinhoff, A. Wiesmaier, R. Araújo, Jun 2006

Threat Analysis of the Domain Name System
IETF RFC 3833, D. Atkins, R. Austein, Aug 2004

Threat Analysis & Implementation of DNS Routing Attacks
Ashish Anand, Dec 2005

Using the Domain Name System for System Break-ins
Paper, Steven M. Bellovin, 1990

What is DNS Spoofing?
Men & Mice, Jan 2003

What is Wrong with the DNS
Presentation, Duane Wessels, RIPE-53 Meeting, Oct 2006

DNSSEC.NET BIND9.NET BGP4.AS HONEYPOTS.NET WARDRIVE.NET FORENSICS.NL SECURITYBOOKS NETWORKINGBOOKS

© 2002-2024 DNSSEC.NET. All rights reserved.
Page last modified on Mon 15 October 2018 00:02:27 CET
DNS SECURITY
Privacy Statement


af183d41d32b8d2060360fbf713dd70a