Chapter 13. DNS Security
DNS is complex, and can be difficult to understand. This complexity is compounded by often conflicting advice on how DNS should be managed. Most of this advice is accurate, depending on your needs, but it is important to understand that not all advice applies equally to all situations.
As with any other part of the network, there are several aspects of DNS security that need to be addressed:
The domain name
The authoritative DNS server
Individual zone files
The caching DNS server
Before understanding the idea behind DNS security strategies, it is important to know a little of the history of DNS. When the Internet was still a project, called ARPANET, run by DARPA, administrators realized they needed an easy way for machines ...