1. DNS/vulnerability
| /Darkreading /survey |
Contents
The History of DNS Vulnerabilities and the Cloud
https://unit42.paloaltonetworks.com/dns-vulnerabilities/
NAME:WRECK: Nine DNS Vulnerabilities Found in Four Open Source TCP/IP Stacks
TsuNAME DNS Vulnerability and BIND 9
https://www.isc.org/blogs/2021_tsuname_vulnerability/
Vulnerabilities in Popular DNS Software Allow Poisoning
1.1. survey
https://jsssjournal.com/article/view/3660
A survey of domain name system vulnerabilities and attacks
Abstract
Aim: The Domain Name System (DNS) plays an integral role in the functionality of the Internet. Clients receive Internet service by mapping domain names into internet protocol addresses, which are routable. DNS provides a scalable and flexible name resolution service to clients easily and quickly. However, DNS was initially developed without security, and the information is not secured. Although DNS security extensions was released in 1999 to protect against vulnerabilities, it is not widely deployed, and DNS continues to suffer from a variety of attacks.
The purpose of this study is to provide a comprehensive survey of DNS security.
Methods: We describe an overview of DNS vulnerabilities, DNS attacks, and even mitigation systems. In detail, attacks are classified by purpose and methods for defending against these attacks are introduced and assessed. Finally, we conclude with a summary of the current state of DNS security.
Results: The main findings of this study is to introduce fundamental vulnerabilities of DNS and classify representative DNS attacks into four categories to efficiently analyze them. Moreover, we describe and assess mitigation systems to defense these attacks.
Conclusion: We conclude that DNS is an integral part of Internet operations but is still exposed to various attacks due to its vulnerabilities, low deployment of available mitigation techniques, and limitations of such techniques.