Filter
Top Products
30 Chapter 2 DNS Service
To see DNS usage statistics:
1 In Server Admin, choose DNS in the Computer & Services list.
2 Click Activity to view operations currently in progress and usage statistics.
Securing the DNS Server
DNS servers are targeted by malicious computer users (commonly called “hackers”) in
addition to other legitimate Internet servers. There are several kinds of attacks that DNS
servers are susceptible to. By taking extra precautions, you can prevent the problems
and downtime associated with malicious users. There are several kinds of security hacks
associated with DNS service. They’re:
• DNS Spoofing.
• Server Mining.
• DNS Service Profiling.
• Denial-of-Service (DoS).
• Service Piggybacking.
DNS Spoofing
DNS spoofing is adding false data into the DNS Server’s cache. This allows hackers to do
any of the following:
• Redirect real domain name queries to alternative IP Addresses.
For example, a falsified A record for a bank could point a computer user’s browser to
a different IP address that is controlled by the hacker. A duplicate website could fool
him or her into giving their bank account numbers and passwords to the hacker
unintentionally.
Also, a falsified mail record could allow a hacker to intercept mail sent to or from a
domain. If the hacker also forwards those emails to the correct mail server after
copying them, this can go undetected indefinitely.
• Prevent proper domain name resolution and access to the Internet.
This is the most benign of DNS spoof attacks. It merely makes a DNS server appear to
be malfunctioning.
The most effective method to guard against these attacks is vigilance. This includes
maintaining up-to-date software as well as auditing your DNS records regularly. As
exploits are found in the current version of BIND, the exploit is patched and a Security
Update is made available for Mac OS X Server. Apply all such security patches. Regular
audits of your DNS records is also valuable to prevent these attacks.
Server Mining
Server mining is the practice of getting a copy of a complete master zone by
requesting a zone transfer. In this case, a hacker pretends to be a slave zone to another
master zone and requests a copy of all of the master zone’s records.
LL2351.Book Page 30 Monday, September 8, 2003 2:47 PM