[Dshield] Jail and Harden DNS

Coyle, Brian Brian.Coyle at disney.com
Mon Mar 29 15:00:59 GMT 2004


Jon R. Kibler wrote on Sunday, March 28, 2004 15:16-

<SNIP!>

> Bottom line: I wrote the original posting to make people aware 
> there is a lot you can do to protect yourself against named DOS 
> attacks and to protect your system WHEN the next named exploit 
> is found. 

Some DNS best practices-

   ftp://ftp.rfc-editor.org/in-notes/rfc2182.txt

   http://www.rfc-editor.org/rfc/rfc2870.txt

   http://csrc.nist.gov/fasp/FASPDocs/NISTSecuringDNS.htm

   http://www.cert.org/archive/pdf/dns.pdf

HTH!

                                    -- Brian, GCIA






More information about the list mailing list