Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

1/12/2011

Name Security

Filed under: Advice from your Uncle Jim,Geek Work,Rotten Apples,The Dark Side,Things to Read — Posted by the Network Geek during the Hour of the Rooster which is in the early evening or 6:21 pm for you boring, normal people.
The moon is Waxing Gibbous

No, not your personal name, network names!

Yeah, since I’ve been thinking about computer security a little in this new year and new decade, I’ve noticed a slightly disturbing trend.  Spammers have been working at redirecting you to compromised domains.  One way they do it is something called DNS cache poisoning.  Another is straight-up DNS hijacking.

Okay, let me back up a second.  For my slightly less-technical readers, DNS stands for Domain Name System.  That’s the system of servers that translates website names, like “www.google.com”, into addresses that your computer understands and can connect you to via a browser.  It’s how you found my blog, though you may not have even realized it.
DNS Hijacking is usually accomplished via a “rouge” server, which is a server setup by spammers to publish bad information.  The more usual method, I think, and more insidious, is DNS cache poisoning.  With that method, spammers trick good, valid DNS servers into updating their records with bad information.  Giving them poisonous information, if you will.

So, now, back to the hard-core server admins.  Last week I was reminding everyone that the start of a new year is a great time to change passwords, but it’s also a great time to check on other security issues, like your DNS.  Luckily, Michael Kassner over at TechRepublic has written a blog post titled Test your DNS servers for spoofability.  It’s worth a read and worth running through.  Maybe even making it a regular practice, to see if your DNS has been compromised.

Oh, and if you all want to read more about DNS, and how to implement it, there’s a great book from O’Reilly titled DNS and BIND that’s well worth owning.  Trust me.


Advice from your Uncle Jim:
"If we only wanted to be happy, it would be easy; but we want to be happier than other people, which is almost always difficult, since we think them happier than they are."
   --Montesquieu

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.


Powered by WordPress
Any links to sites selling any reviewed item, including but not limited to Amazon, may be affiliate links which will pay me some tiny bit of money if used to purchase the item, but this site does no paid reviews and all opinions are my own.