Knowledgebase
Knowledgebase
Portal Home > Knowledgebase > Articles Database > DNS spoofing/poisoning attack defense?
DNS spoofing/poisoning attack defense?
Posted by ROMmel, 11-08-2007, 02:34 AM Hi, I'm concerned about dns spoofing As explained here: w w w. securesphere(dot)net/download/papers/dnsspoof.htm I note the recommendations: - To limit the cache and check that it's not keeping additional records. - Not to make security systems to use/rely on DNS. - Use cryptography like SSL, even if the problem remains the same, it increase difficulty level for the attacker (See article on Man in the Middle) I did not on another site that the latest version of BIND for DNS should be installed. I'm quite sure I'm being attacked in this way by a guy on the same network as my numerous commercial websites. I'm setting a new server. I'm getting my own name server. What steps should I take to best protect my self and my business against these attacks please? (firewall? tips etc beside the above?) Please let me know as I want to set up and have a better than even bet I have shaken the guy. regards ROMmel
Posted by david510, 11-08-2007, 03:45 AM Make sure your dns service does not allow recursive look up, ie close open DNS Server. Have a check here. http://www.webhostgear.com/321.html
Posted by zacharooni, 11-08-2007, 09:54 AM Also make sure your /etc/host.conf looks like this:
Add to Favourites 
Print this Article
Also Read
