Waiting for answer This question has not been answered yet. You can hire a professional tutor to get the answer.
Hi, I need help with essay on Bind/DNS Spoofing. Paper must be at least 1750 words. Please, no plagiarized work!Download file to see previous pages... Still, if a client wanted to visit the site he wo
Hi, I need help with essay on Bind/DNS Spoofing. Paper must be at least 1750 words. Please, no plagiarized work!
Download file to see previous pages...Still, if a client wanted to visit the site he would have to type all the digits of the IP address.
Therefore, the interned needed a service that could be human-legible and easy to remember for humans. The domain name service (DNS) was thus invented in 1983. This new service was the solution for translate the domain name which is suitable for human-beings to IP address which is suitable for computers. There are different types of DNS such as Microsoft DNS, djbdns and Berkeley Internet Name domain (BIND). The BIND is the most commonly used for DNS server.
The DNS has different types of attacks. These include the Denial of Service (DOS) attack, the spoofing attack or attacks against the DNS software. Attacks could in possibility lead to taking the host control over which could lead to further attacks. Names servers' response has two ways to operate for queries received:
The attacker could affect the name server, which would allow recursive queries from any source to look up and cash the data. These zones would now be under attacker control and then the victim name server makes the attacker malicious name servers. This can result in the victim name server starting to cash and serve bogus data. ...
The attacker could affect the name server, which would allow recursive queries from any source to look up and cash the data. These zones would now be under attacker control and then the victim name server makes the attacker malicious name servers. This can result in the victim name server starting to cash and serve bogus data. This senior could be vulnerable in the name servers that allow the recursive from any source. Which, in most name servers comes by default. Also this could lead to a Denial of Server (DoS) attack or even possibly a Man-in-the-middle (MITM) attack.
The network administrators have some options to secure the BIND from the spoofing attack. There are some options that could be used for a particular version of BINS. These options are as follows:
1. Disable recursion entirely.
2. Restrict the addresses that can make queries to the name server.
3. Restrict the addresses that can make recursive queries to the name server.
4. Disable the fetching of glue records.
1. Disable recursion entirely
By disabling the name server that mean the name server will be in the passive mode. It will then not send queries on behalf to other name servers. A non-recursive name server is secure from cash poisoning and also DoS attack because a non-recursive name server will just respond to the queries that send to it directly and will not send queries so it does not cash any information or data.
To disable recursion entirely in the BIND version 8 and 9 , you have to add this statement :
options {
recursion no.
}.
2. Restrict the addresses that can make queries to the name server
This option allows the system to specify known sites and zones that could make queries.
