Windows Server® 2012 Unleashed

Secure DNS with DNSSEC

Because DNS does not offer any form of security natively, it is vulnerable to spoofing, man-in-the-middle, and cache poisoning attacks. For this reason, it has become critical to develop a means for securing DNS. DNSSEC was developed to do just that.

There are a series of IETF RFCs that specify the DNSSEC extensions to DNS:

• RFC 4033—DNS Security Introduction and Requirements

• RFC 4034—Resource Records for the DNS Security Extensions

• RFC 4035—Protocol Modifications for the DNS Security Extensions

• RFC 5155—DNS Security (DNSSEC) Hashed Authenticated Denial of Existence

• RFC 5702—Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC

• RFC 5011—Automated Updates of DNS Security (DNSSEC) Trust ...

Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Windows Server® 2012 Unleashed by

Secure DNS with DNSSEC

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly