The Study of DNS Security

• Main Authors: Shih-Che Lin, 林世哲
• Other Authors: Jinn-Shing Cheng
• Format: Others
• Language: zh-TW
• Published: 2002
• Online Access: http://ndltd.ncl.edu.tw/handle/59470818716500831584

碩士 === 樹德科技大學 === 資訊管理研究所 === 90 === Internet is a new channel of data communication, people can exchange information quickly because of it is not constrained by time and space. Most of Internet users can't perceive the address resolution provided by DNS while they specified the domain name and connected to the desired website. DNS uses the technology of the Distributed Database and the Client-Server structure; controlling important information of the local network, as a result caused the problems of data synchronization and zone transfer. Furthermore, the unhealthy design of software may be caused the incident of invading problems. If the network administrator wants to guarantee the security of DNS, the problems as mentioned above for network security will be considered seriously. This thesis aims at security configuration and vulnerability auditing of DNS. From the outset, the security configuration of DNS can be achieved by using the collecting technology information about DNS appropriately. The correct configuration can only decrease the damage of intrusion, but it does not prevent all of the threat of intrusion. For this reason, the study provides a auditing system of DNS security; users can audit the vulnerability of DNS from the client via the browser, and selecting fit check items for vulnerability auditing. The scanning report will be sent to the user by email after the auditing process is completed. This report includes the existence of vulnerabilities of the DNS, and the patch links for these vulnerabilities. If DNS has a well-defined configuration of security and pass the vulnerability auditing, then its security will be promoted, and the Internet service was not broken due to malicious attack.