Paranoid Penguin - DNS Cache Poisoning, Part II: DNSSEC Validation
And with that, your nameserver is successfully validating signed zone data! For now, I wish you thanks and goodbye. As I seem to do every couple years, I'm going to take a hiatus for a few months. I do plan on resuming the Paranoid Penguin after that, however, refreshed and renewed for your reading pleasure.
Until then, take care of yourself and especially your Linux systems!
DNSSEC—the DNS Security Extensions—Protocol Home Page: www.dnssec.net
Alan Clegg's “DNSSEC—Living and Loving Life after Kaminsky; Or: How I overcame my fear and signed my zones.” Presentation to REN-ISAC on 10-30-2008: www.ren-isac.net/techburst/hardcopy/ren-isac_techburst_20081030_clegg_dnssec.pdf
Geoff Huston's “A Fundamental Look at DNSSEC, Deployment, and DNS Security Extensions”: www.circleid.com/posts/dnssec_deployment_and_dns_security_extensions
Ubuntu 10.10 Server Guide: “Chapter 7. Domain Name System (DNS)”: https://help.ubuntu.com/10.10/serverguide/C/dns.html
BIND 9.7 Administrator's Reference Manual (ARM): ftp.isc.org/isc/bind9/cur/9.7/doc/arm/Bv9ARM.pdf
Tony Finch's “How to set up DNSSEC validation with BIND-9.7”: fanf.livejournal.com/107310.html
Mick Bauer (firstname.lastname@example.org) is Network Security Architect for one of the US's largest banks. He is the author of the O'Reilly book Linux Server Security, 2nd edition (formerly called Building Secure Servers With Linux), an occasional presenter at information security conferences and composer of the “Network Engineering Polka”.
|Hacking a Safe with Bash||Jul 28, 2015|
|KDE Reveals Plasma Mobile||Jul 28, 2015|
|Huge Package Overhaul for Debian and Ubuntu||Jul 23, 2015|
|diff -u: What's New in Kernel Development||Jul 22, 2015|
|Shashlik - a Tasty New Android Simulator||Jul 21, 2015|
|Embed Linux in Monitoring and Control Systems||Jul 20, 2015|
- Hacking a Safe with Bash
- KDE Reveals Plasma Mobile
- Huge Package Overhaul for Debian and Ubuntu
- The Controversy Behind Canonical's Intellectual Property Policy
- diff -u: What's New in Kernel Development
- Shashlik - a Tasty New Android Simulator
- Home Automation with Raspberry Pi
- Embed Linux in Monitoring and Control Systems
- General Relativity in Python
- One Port to Rule Them All!