[dns-operations] Best Practices in DNS security

caleb.dods at bell.ca caleb.dods at bell.ca
Thu Mar 16 15:54:52 UTC 2006

First, let me introduce myself. I work on the ISP side of Bell Canada,
and have recently been given the job of "hardening" our DNS
infrastructure. I've been following the ongoing discussions on this
list with interest.


I'm interested in best practices around DNS security, and more
specifically what has been found to be effective in both detecting and
preventing attacks against DNS. 

A few questions that will hopefully generate some discussion. 


What have you found is the most effective way to prevent recursive
queries from foreign address space against your DNS servers? DNS ACLs,
firewall ACLs or router ACLs; have you found one of these to be more
effective or easier to manage?


Are you running firewalls in front of your DNS servers? If so, are they
effective? Are there any DNS-specific problems with firewalls to be
aware of?


Are you using Intrusion Detection Systems to detect DNS-specific
attacks? Has this been effective?


Any other suggestions or best practices you believe the rest of the DNS
community should be following?


