DNS and BIND Security Issues
暂无分享,去创建一个
Efforts are underway to add security to the DNS protocol. We have observed that if BIND would just do what the DNS specifications say it should do, stop crashing, and start checking its inputs, then most of the existing security holes in DNS as practiced would go away. To be sure, attackers would still have a pretty easy time co-opting DNS in their break-in attempts. Our aim has been to get BIND to the point where its only vulnerabilities are due to the DNS protocol, and not to the implementation. This paper describes our progress to date.
[1] J. Davenport. Editor , 1960 .
[2] Neil Haller,et al. The S/KEY One-Time Password System , 1995, RFC.
[3] Steven M. Bellovin,et al. Using the Domain Name System for System Break-ins , 1995, USENIX Security Symposium.