In this video, Chaim Krause demonstrates how to add a level of security to the DNS messages your server handles. Help avoid man-in-the-middle attacks on your infrastructure.
- [Instructor] Because of the nature of DNS…you're going to be doing public transactions.…You want people to be able to query your server…and get an IP address for the host.…This opens you up to an attack.…You can spoof IP addresses,…and in doing so gives you an opportunity to provide…a Man-in-the-middle attack.…Though it's not probable, it is possible.…Network engineers have come up with a solution…to stop interference of these network transmissions.…
The solution is Transaction SIGnatures.…Also called TSIG.…It's a lightweight and flexible means…of securing the message traffic between domain name servers.…Information can be found in the internet standard RFC 2845.…Key thing to know is it uses a single shared secret.…So this absolutely has to be distributed securely.…You need to pass this on through encrypted e-mail…or an SSH connection,…or something similar.…
You don't want anybody to get a hold of these keys.…Otherwise they can impersonate you.…The way you generate one of the these keys…is a utility called dnssec-keygen.…
- Working with different types of name servers
- Working with zone files
- Setting up a basic name server
- Creating, verifying, loading, and testing the zone file
- Allowing queries from localnets
- Configuring an advanced name server
- Serving a website or email
- Adding security
Skill Level Intermediate
Linux: Multitasking at the Command Linewith Scott Simpson39m 1s Intermediate
1. Installing BIND
Installing BIND1m 4s
2. Types of Name Servers
3. Zone Configuration File
4. Basic Name Server Setup
5. Advanced Name Server Setup
6. Security Concerns
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.