
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Resources
|
213
General DNS Security Resources
comp.protocols.tcp-ip.domains
USENET group
http://www.intac.com/~cdp/cptd-faq/
comp.protocols.tcp-ip.domains’s Frequently Asked Questions about DNS
Rowland, Craig. “Securing DNS” (http://www.guides.sk/psionic/dns/)
Instructions on securing BIND on both OpenBSD and Red Hat Linux
Some DNS-related RFCs (available at http://www.rfc-editor.org)
• 1035 (general DNS specs)
• 1183 (additional Resource Record specifications)
• 2308 (Negative Caching)
• 2136 (Dynamic Updates)
• 1996 (DNS Notify)
• 2535 (DNS Security Extensions)
Some DNS/BIND security advisories (available at http://www.cert.org)
CA-2002-31
“Multiple Vulnerabilities in BIND” (Versions 4 and 8)
CA-2002-15
“Denial-of-Service Vulnerability in ISC BIND 9”
CA-2000-03
“Continuing Compromises of DNS Servers”
CA-99-14
“Multiple Vulnerabilities in BIND”
CA-98.05
“Multiple Vulnerabilities in BIND”
CA-97.22
“BIND” (cache poisoning)
BIND Resources
Internet Software Consortium. “BIND Operator’s Guide” (“BOG”)
Distributed separately from BIND 8 source code; current version downloadable
from ftp://ftp.isc.org/isc/bind/src/8.3.3/bind-doc.tar.gz. The BOG is the most
important and useful piece of official BIND 8 documentation.