Best practice protection approaches for DNS software are as follows:
• Running the latest version of name server software, or an earlier version with appropriate patches
• Running name server software with restricted privileges
• Isolating name server software
• Setting up a dedicated name server instance for each function
• Removing name server software from nondesignated hosts
• Creating a topological and geographic dispersion of authoritative name servers for fault tolerance
•
Limiting IT resource information exposure through two different zone
files in the same physical name server (termed as split DNS) or through
separate name servers for different client classes.
No comments:
Post a Comment