4 research outputs found
TKEY Vulnerability in BIND DNS Server
The Domain Naming System (DNS) has been a core technology to the usefulness of the Internet since the beginning of its public introduction. The ability to associate an English-readable fully qualified domain name (FQDN) with an IPv4 address is crucial to its user-friendliness. Due to its age, several flaws have been discovered in its code, one of the more recent being referenced as CVE-2015-5477, which affects all versions of Berkeley Internet Naming Daemon (BIND) available before July 31, 2015. We will cover what this error is, describe and test its effectiveness against an older BIND v. 9.9.6 server, and discuss options for resolving the issue
Estudio sobre la importancia de los sistemas de monitoreo de redes de datos en las empresas
Mostrar la importancia de los sistemas de monitoreo dentro de las empresas, mostrando la variedad de software existentes en el mercado, tipos de ataques orientados a la red y ataques informáticos a nivel empresarial.Show the importance of monitoring systems within companies, show the variety of software identified in the market, types of network-oriented attacks and business-level computer attacks
DETERMINING THE INFLUENCE OF THE NETWORK TIME PROTOCOL (NTP) ON THE DOMAIN NAME SERVICE SECURITY EXTENSION (DNSSEC) PROTOCOL
Recent hacking events against Sony Entertainment, Target, Home Depot, and bank
Automated Teller Machines (ATMs) fosters a growing perception that the Internet is an insecure
environment. While Internet Privacy Concerns (IPCs) continue to grow out of a general concern
for personal privacy, the availability of inexpensive Internet-capable mobile devices increases
the Internet of Things (IoT), a network of everyday items embedded with the ability to connect
and exchange data.
Domain Name Services (DNS) has been integral part of the Internet for name resolution
since the beginning. Domain Name Services has several documented vulnerabilities; for
example, cache poisoning. The solution adopted by the Internet Engineering Task Force (IETF)
to strengthen DNS is DNS Security Extensions (DNSSEC). DNS Security Extensions uses
support for cryptographically signed name resolution responses. The cryptography used by
DNSSEC is the Public Key Infrastructure (PKI).
Some researchers have suggested that the time stamp used in the public certificate of the
name resolution response influences DNSSEC vulnerability to a Man-in-the-Middle (MiTM)
attack. This quantitative study determined the efficacy of using the default relative Unix epoch
time stamp versus an absolute time stamp provided by the Network Time Protocol (NTP). Both
a two-proportion test and Fisher’s exact test were used on a large sample size to show that there
is a statistically significant better performance in security behavior when using NTP absolute
time instead of the traditional relative Unix epoch time with DNSSEC