The DNS protocol is the cornerstone of Internet communications
- September 05, 2014
Today, trade and communication between people and organizations rely on the Internet as a fundamental support, and the Internet in turn depends on a protocol called DNS (Domain Name System). Every Web transaction starts with a DNS query to learn the IP address of the machine that hosts the domain you want to reach. If the database of a DNS server is manipulated through deception, a hacker could block any of the services offered over the Internet. Web applications such as eCommerce, SaaS, social networks and even email rely on DNS.
Many organizations have built elaborate defense-in-depth systems, or layers of antivirus software, that combine traditional firewalls, security information and event management (SIEM) systems and other techniques to protect their infrastructure. However, most of them have little or no specific protection for DNS.
To guard against the growing number of DNS-based attacks, a new kind of solution, which we call a DNS firewall, has appeared in the security market. As you can see, we are witnessing a specialization of security technology to protect information from Internet threats. General-purpose firewalls that filter traffic globally were later joined by the IPS and by the Web Application Firewall, which inspects the HTTP and HTTPS protocols, and now by the DNS firewall, which monitors port 53. It protects DNS servers in two ways:
From the inside out: Prevents data loss and data theft by blocking DNS server queries and communications associated with botnet infections.
From the outside in: Mitigates DoS attacks by blocking illegitimate traffic to the DNS server. It recognizes threats automatically and discovers attack patterns to distinguish legitimate traffic from malicious users.
For protection at the corporate level, there are a couple of solutions on the market aimed specifically at DNS security.
Hardware manufacturers are not the only ones working to protect the DNS service. The software community has been doing so for some time by improving the protocol with the DNSSEC extensions, which make it possible to authenticate the data sent between the DNS client and the DNS server.
Whether with DNSSEC implementations or with OpenDNS, both the DNS server and the client must support these tools. This makes it the IT department's job to configure communications so that queries go to public DNS servers that offer this functionality, and to install the software needed to perform secure DNS queries.
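
To check that a client and its resolver really do support DNSSEC as described above, this added example (not from the original post) builds a query with the EDNS0 DO bit set and classifies a response by its AD flag and RCODE. The function names and the sample response headers are constructed for illustration.

```python
import struct

# DNS header flag masks (RFC 1035, RFC 4035)
QR, AD, RCODE_MASK = 0x8000, 0x0020, 0x000F
SERVFAIL = 2

def build_query(name, qtype=1, txid=0x1234):
    """Build a query with RD set and an EDNS0 OPT record carrying the DO bit."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)  # RD=1, 1 question, 1 additional
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    question = qname + struct.pack("!HH", qtype, 1)  # QCLASS IN
    # OPT RR: root owner, TYPE 41, CLASS = UDP payload size, TTL field carries DO (0x8000)
    opt = b"\x00" + struct.pack("!HHIH", 41, 1232, 0x00008000, 0)
    return header + question + opt

def parse_header(msg):
    """Extract the fields needed to judge DNSSEC status from a DNS message."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    txid, flags = struct.unpack("!HH", msg[:4])
    return {"id": txid, "qr": bool(flags & QR), "ad": bool(flags & AD),
            "rcode": flags & RCODE_MASK}

def classify(query, response):
    """Return 'reject', 'servfail', 'validated' or 'unvalidated'."""
    q, r = parse_header(query), parse_header(response)
    if not r["qr"] or r["id"] != q["id"]:
        return "reject"        # not a response to this query
    if r["rcode"] == SERVFAIL:
        return "servfail"      # validating resolvers answer SERVFAIL for bogus data
    return "validated" if r["ad"] else "unvalidated"

def sample_response(txid, flags):
    """Constructed 12-byte response header (sample data, not captured traffic)."""
    return struct.pack("!HHHHHH", txid, flags, 1, 1, 0, 1)

if __name__ == "__main__":
    q = build_query("example.com")
    samples = [("AD set", 0x1234, 0x81A0), ("AD clear", 0x1234, 0x8180),
               ("SERVFAIL", 0x1234, 0x8182), ("wrong ID", 0x9999, 0x81A0)]
    for label, txid, flags in samples:
        print(f"{label:9s} -> {classify(q, sample_response(txid, flags))}")
```

The AD flag is not itself signed, so it is only meaningful when the path between the client and the validating resolver is trusted.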