Paranoid Penguin - DNS Cache Poisoning, Part II: DNSSEC Validation
And with that, your nameserver is successfully validating signed zone data! For now, I wish you thanks and goodbye. As I seem to do every couple years, I'm going to take a hiatus for a few months. I do plan on resuming the Paranoid Penguin after that, however, refreshed and renewed for your reading pleasure.
Until then, take care of yourself and especially your Linux systems!
DNSSEC—the DNS Security Extensions—Protocol Home Page: www.dnssec.net
Alan Clegg's “DNSSEC—Living and Loving Life after Kaminsky; Or: How I overcame my fear and signed my zones.” Presentation to REN-ISAC on 10-30-2008: www.ren-isac.net/techburst/hardcopy/ren-isac_techburst_20081030_clegg_dnssec.pdf
Geoff Huston's “A Fundamental Look at DNSSEC, Deployment, and DNS Security Extensions”: www.circleid.com/posts/dnssec_deployment_and_dns_security_extensions
Ubuntu 10.10 Server Guide: “Chapter 7. Domain Name System (DNS)”: https://help.ubuntu.com/10.10/serverguide/C/dns.html
BIND 9.7 Administrator's Reference Manual (ARM): ftp.isc.org/isc/bind9/cur/9.7/doc/arm/Bv9ARM.pdf
Tony Finch's “How to set up DNSSEC validation with BIND-9.7”: fanf.livejournal.com/107310.html
Mick Bauer (email@example.com) is Network Security Architect for one of the US's largest banks. He is the author of the O'Reilly book Linux Server Security, 2nd edition (formerly called Building Secure Servers With Linux), an occasional presenter at information security conferences and composer of the “Network Engineering Polka”.
|Happy Birthday Linux||Aug 25, 2016|
|ContainerCon Vendors Offer Flexible Solutions for Managing All Your New Micro-VMs||Aug 24, 2016|
|Updates from LinuxCon and ContainerCon, Toronto, August 2016||Aug 23, 2016|
|NVMe over Fabrics Support Coming to the Linux 4.8 Kernel||Aug 22, 2016|
|What I Wish I’d Known When I Was an Embedded Linux Newbie||Aug 18, 2016|
|Pandas||Aug 17, 2016|
- Happy Birthday Linux
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- ContainerCon Vendors Offer Flexible Solutions for Managing All Your New Micro-VMs
- What I Wish I’d Known When I Was an Embedded Linux Newbie
- Updates from LinuxCon and ContainerCon, Toronto, August 2016
- New Version of GParted
- NVMe over Fabrics Support Coming to the Linux 4.8 Kernel
- Returning Values from Bash Functions
- All about printf
- Tech Tip: Really Simple HTTP Server with Python