Referenced Items are not available for this document.
The domain name system is the global lookup service for network resources. To protect DNS information, the DNS security extensions have been developed and deployed on branches of the DNS to provide authentication and integrity protection using digital signatures. However, signed DNS nodes were found to have an unfortunate side effect: an attacker can query them as reconnaissance before attacking hosts on a particular network. There are different ways a zone administrator can minimize information leakage and still take advantage of DNSSEC for integrity and source authentication. This article describes the risk and examines the protocol and operational options and looks at their advantages and drawbacks.
Published in:
Network, IEEE
(Volume:22
,
Issue:
2
)
Date of Publication: March-April 2008
- Page(s):
- 22 - 25
- ISSN :
- 0890-8044
- INSPEC Accession Number:
- 9906927
- Digital Object Identifier :
- 10.1109/MNET.2008.4476067
- Product Type:
- Journals & Magazines
- Date of Current Version :
- 31 March 2008
- Issue Date :
- March-April 2008
- Sponsored by :
- IEEE Communications Society
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
