Cloud

4/11/2017
04:50 PM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Forget the Tax Man: Time for a DNS Security Audit

Here's a 5-step DNS security review process that's not too scary and will help ensure your site availability and improve user experience.
Previous
1 of 8
Next

Image Source: Adobe Stock

Image Source: Adobe Stock

The DDoS attack against DNS provider Dyn that took out large swaths of the Internet put a million-candle spotlight on the issue of the availability, and proved that proper DNS management is not just an IT issue, but a security mandate as well. Maintaining website availability and preventing revenue loss from associated outages depends upon good DNS hygiene, maintenance, and control.

DNS tends to be a set-and-forget type of technology... and that can pose problems several years after everything has been forgotten, according to Chris Roosenraad, director of product management for DNS service at Neustar.

[Check out "Protect Your DNS Services Against Security Threats" during Interop ITX, May 15-19, at the MGM Grand in Las Vegas. To learn more about DNS security, other Interop security tracks, or to register, click on the live links.].

Roosenraad -- who has more than two decades of security, networking and public policy expertise, having previously developed the DNS architecture for Charter Communications and Time Warner Cable -- says that DNS audits sound more foreboding than they actually are. This is not necessarily some big, scary compliance activity. It is just a way of accounting for all of the DNS infrastructure configuration to ensure that things haven't gotten out of sync with changing business realities. 

"It's just a process of taking some away from the 30 other multitasking things that we all have in front of us to sit down and say, 'Is this what I really want my Internet presence to be?'" he says.

How to begin the process? Here are five essential steps to conducting a successful DNS audit. 

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Devastating Cyberattack on Email Provider Destroys 18 Years of Data
Jai Vijayan, Freelance writer,  2/12/2019
Up to 100,000 Reported Affected in Landmark White Data Breach
Kelly Sheridan, Staff Editor, Dark Reading,  2/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8360
PUBLISHED: 2019-02-16
Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data_2.php cate parameter.
CVE-2019-8361
PUBLISHED: 2019-02-16
PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. This might, for example, be leveraged for HTML injection or URL redirection.
CVE-2019-8362
PUBLISHED: 2019-02-16
DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, o...
CVE-2019-8363
PUBLISHED: 2019-02-16
Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value.
CVE-2019-8358
PUBLISHED: 2019-02-16
In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.