Produktbild: DNS Security Management

DNS Security Management

Fr. 153.00

inkl. gesetzl. MwSt., Versandkostenfrei


Beschreibung

Produktdetails

Einband

Gebundene Ausgabe

Erscheinungsdatum

14.08.2017

Verlag

John Wiley & Sons

Seitenzahl

324

Maße (L/B/H)

23.7/15.9/2.2 cm

Gewicht

562 g

Auflage

1. Auflage

Sprache

Englisch

ISBN

978-1-119-32827-8

Beschreibung

Produktdetails

Einband

Gebundene Ausgabe

Erscheinungsdatum

14.08.2017

Verlag

John Wiley & Sons

Seitenzahl

324

Maße (L/B/H)

23.7/15.9/2.2 cm

Gewicht

562 g

Auflage

1. Auflage

Sprache

Englisch

ISBN

978-1-119-32827-8

Herstelleradresse

Libri GmbH
Europaallee 1
36244 Bad Hersfeld
DE

Email: GPSR Kontakt

Noch keine Bewertungen vorhanden

Verfassen Sie die erste Bewertung zu diesem Artikel

Helfen Sie anderen Kundinnen und Kunden durch Ihre Meinung.

Kundinnen und Kunden meinen

Bewertungen (0)

Die Leseprobe wird geladen.
  • Produktbild: DNS Security Management
  • Preface xiii

    Acknowledgments xvii

    1 INTRODUCTION 1

    Why Attack DNS? 1

    Network Disruption 2

    DNS as a Backdoor 2

    DNS Basic Operation 3

    Basic DNS Data Sources and Flows 4

    DNS Trust Model 5

    DNS Administrator Scope 6

    Security Context and Overview 7

    Cybersecurity Framework Overview 7

    Framework Implementation 9

    What's Next 15

    2 INTRODUCTION TO THE DOMAIN NAME SYSTEM (DNS) 17

    DNS Overview - Domains and Resolution 17

    Domain Hierarchy 18

    Name Resolution 18

    Zones and Domains 23

    Dissemination of Zone Information 25

    Additional Zones 26

    Resolver Configuration 27

    Summary 29

    3 DNS PROTOCOL AND MESSAGES 31

    DNS Message Format 31

    Encoding of Domain Names 31

    Name Compression 32

    Internationalized Domain Names 34

    DNS Message Format 35

    DNS Update Messages 43

    The DNS Resolution Process Revisited 48

    DNS Resolution Privacy Extension 55

    Summary 56

    4 DNS VULNERABILITIES 57

    Introduction 57

    DNS Data Security 57

    DNS Information Trust Model 59

    DNS Information Sources 60

    DNS Risks 61

    DNS Infrastructure Risks and Attacks 62

    DNS Service Availability 62

    Hardware/OS Attacks 63

    DNS Service Denial 63

    Pseudorandom Subdomain Attacks 67

    Cache Poisoning Style Attacks 67

    Authoritative Poisoning 71

    Resolver Redirection Attacks 73

    Broader Attacks that Leverage DNS 74

    Network Reconnaissance 75

    DNS Rebinding Attack 77

    Reflector Style Attacks 78

    Data Exfiltration 79

    Advanced Persistent Threats 81

    Summary 83

    5 DNS TRUST SECTORS 85

    Introduction 85

    Cybersecurity Framework Items 87

    Identify 87

    Protect 87

    Detect 88

    DNS Trust Sectors 88

    External DNS Trust Sector 91

    Basic Server Configuration 93

    DNS Hosting of External Zones 97

    External DNS Diversity 97

    Extranet DNS Trust Sector 98

    Recursive DNS Trust Sector 99

    Tiered Caching Servers 100

    Basic Server Configuration 101

    Internal Authoritative DNS Servers 103

    Basic Server Configuration 105

    Additional DNS Deployment Variants 108

    Internal Delegation DNS Master/Slave Servers 109

    Multi-Tiered Authoritative Configurations 109

    Hybrid Authoritative/Caching DNS Servers 111

    Stealth Slave DNS Servers 111

    Internal Root Servers 111

    Deploying DNS Servers with Anycast Addresses 113

    Other Deployment Considerations 118

    High Availability 118

    Multiple Vendors 118

    Sizing and Scalability 118

    Load Balancers 119

    Lab Deployment 119

    Putting It All Together 119

    6 SECURITY FOUNDATION 121

    Introduction 121

    Hardware/Asset Related Framework Items 122

    Identify: Asset Management 122

    Identify: Business Environment 123

    Identify: Risk Assessment 124

    Protect: Access Control 126

    Protect: Data Security 127

    Protect: Information Protection 129

    Protect: Maintenance 130

    Detect: Anomalies and Events 131

    Detect: Security Continuous Monitoring 131

    Respond: Analysis 132

    Respond: Mitigation 132

    Recover: Recovery Planning 133

    Recover: Improvements 133

    DNS Server Hardware Controls 134

    DNS Server Hardening 134

    Additional DNS Server Controls 136

    Summary 137

    7 SERVICE DENIAL ATTACKS 139

    Introduction 139

    Denial of Service Attacks 139

    Pseudorandom Subdomain Attacks 141

    Reflector Style Attacks 143

    Detecting Service Denial Attacks 144

    Denial of Service Protection 145

    DoS/DDoS Mitigation 145

    Bogus Queries Mitigation 147

    PRSD Attack Mitigation 148

    Reflector Mitigation 148

    Summary 151

    8 CACHE POISONING DEFENSES 153

    Introduction 153

    Attack Forms 154

    Packet Interception or Spoofing 154

    ID Guessing or Query Prediction 155

    Name Chaining 155

    The Kaminsky DNS Vulnerability 156

    Cache Poisoning Detection 159

    Cache Poisoning Defense Mechanisms 160

    UDP Port Randomization 160

    Query Name Case Randomization 161

    DNS Security Extensions 161

    Last Mile Protection 167

    9 SECURING AUTHORITATIVE DNS DATA 169

    Introduction 169

    Attack Forms 170

    Resolution Data at Rest 170

    Domain Registries 170

    DNS Hosting Providers 171

    DNS Data in Motion 172

    Attack Detection 172

    Authoritative Data 172

    Domain Registry 173

    Domain Hosting 173

    Falsified Resolution 173

    Defense Mechanisms 174

    Defending DNS Data at Rest 174

    Defending Resolution Data in Motion with DNSSEC 176

    Summary 186

    10 ATTACKER EXPLOITATION OF DNS 187

    Introduction 187

    Network Reconnaissance 187

    Data Exfiltration 188

    Detecting Nefarious use of DNS 189

    Detecting Network Reconnaissance 189

    DNS Tunneling Detection 190

    Mitigation of Illicit DNS Use 193

    Network Reconnaissance Mitigation 193

    Mitigation of DNS Tunneling 193

    11 MALWARE AND APTS 195

    Introduction 195

    Malware Proliferation Techniques 196

    Phishing 196

    Spear Phishing 196

    Downloads 196

    File Sharing 197

    Email Attachments 197

    Watering Hole Attack 197

    Replication 197

    Implantation 197

    Malware Examples 198

    Malware Use of DNS 198

    DNS Fluxing 198

    Dynamic Domain Generation 202

    Detecting Malware 202

    Detecting Malware Using DNS Data 203

    Mitigating Malware Using DNS 206

    Malware Extrication 206

    DNS Firewall 207

    Summary 210

    12 DNS SECURITY STRATEGY 213

    Major DNS Threats and Mitigation Approaches 214

    Common Controls 214

    Disaster Defense 214

    Defenses Against Human Error 220

    DNS Role-Specific Defenses 220

    Stub Resolvers 220

    Forwarder DNS Servers 221

    Recursive Servers 221

    Authoritative Servers 222

    Broader Security Strategy 222

    Identify Function 223

    Protect Function 224

    Detect Function 225

    Respond Function 226

    Recover Function 227

    13 DNS APPLICATIONS TO IMPROVE NETWORK SECURITY 229

    Safer Web Browsing 230

    DNS-Based Authentication of Named Entities (DANE) 230

    Email Security 232

    Email and DNS 233

    DNS Block Listing 237

    Sender Policy Framework (SPF) 238

    Domain Keys Identified Mail (DKIM) 242

    Domain-Based Message Authentication, Reporting, and

    Conformance (DMARC) 245

    Securing Automated Information Exchanges 246

    Dynamic DNS Update Uniqueness Validation 246

    Storing Security-Related Information 247

    Other Security Oriented DNS Resource Record Types 247

    Summary 251

    14 DNS SECURITY EVOLUTION 253

    Appendix A: Cybersecurity Framework Core DNS Example 257

    Appendix B: DNS Resource Record Types 285

    Bibliography 291

    Index 299