In our device security series, we introduce common concepts in security. The last item in our series was a look at the effectiveness of firewalls. In this segment, we discuss DNS: What it is, how secure it is, and what you can do to protect yourself.
DNS is the subject of over a dozen known, common, attacks. Many are straightforward and easy to carry out. Others require prior access to a server or machine. Some prevent a DNS server from doing its job, others use DNS servers to attack specific machines.
What can you do to protect yourself?
It depends on the attack, but there are a number of precautionary steps you can take that will help you avoid problems.
It depends on the attack, but there are a number of precautionary steps you can take that will help you avoid problems.
Know Your DNS Server
The first, and most important, is to make sure that you know and trust your DNS server. Whether you’re using a default from your ISP, a subscription one from a security company, or an internal DNS server, it’s important to know what your DNS server is, so you can spot any deviation.
Audit Your DNS Settings and Traffic
Once you know what your DNS server is, then you can audit network settings and traffic to ensure that all machines are using the correct DNS server. If you pay for a subscription, you don’t want to lose protection by having some machines that aren’t up to policy. You also want to spot any computers whose configuration has been tampered with and are using malicious DNS servers.
Keep Internal DNS Servers Maintained and Secure
Using local DNS servers is a good idea. It’s also important to make sure that they aren’t susceptible to DDoS attacks or attacks that target patched vulnerabilities.
While this is a good start, there is never a guarantee of perfect defense, so remember to have layers of security, and come back soon for the next topic in our series.