DNS-NMS-Traceroute


© Mayur Kamat

DNS-NMS-trace

A very interesting article on DNS, a term very widely heard but rarely understood. NMS and traceroute are also discussed.

DNS

As you already know, the Domain Name System (DNS) is the way that Internet domain names are located and translated into Internet Protocol (IP) addresses. Because maintaining a central list of domain name/IP address correspondences would be impractical, the lists of domain names and IP addresses are distributed throughout the Internet in a hierarchy of authority. There is probably a DNS server within close geographic proximity to your access provider that maps the domain names in your Internet requests or forwards them to other servers on the Internet.

As far as risks with DNS go, you should be aware of spoofing. When a DNS machine is compromised, it has been the victim of spoofing. Not that it happens very often, but there have been reports, both at DDN and CIAC, about DNS spoofing.

CIAC's advisory, entitled "Domain Name Server Vulnerability", warns that an intruder could spoof BIND into providing incorrect name data at the DNS server, allowing for unauthorized access or re-routing of connections. Can you imagine if all private connections of the Secret Service were re-routed to a hacker's home server? Fortunately (or should I say hopefully), the Secret Service is already using Skipjack or some other kind of strong encryption in their IP connections!

But fear not! DNS spoofing is not an easy task. It's not enough for an intruder to gain access to the DNS server. The intruder will have to re-route the addresses of that database, which would easily give him away. It's like breaking the window of a jewelry store: it's just a matter of minutes before the police arrive. But again, with a good plan, how much time would a hacker need to get what he wants?

Network Management Station (NMS)

As described by Uday Pabrai and Vijay Gurbani in their book "Internet and TCP/IP Network Security", published by McGraw-Hill, "Network Management Station (NMS) is a system responsible for supporting a network management protocol and applications necessary for it to process and access information from entities (managed nodes) on the network."

The only security feature provided by NMS is access control. NMS additionally provides authentication and privacy.

traceroute

Van Jacobson is the author of traceroute, a tool that traces the route IP packets take from the current system to some destination system. It uses the IP protocol "time_to_live" field to try to elicit an ICMP TIME_EXCEEDED response from each gateway the packet passes through on its way.
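
The time_to_live mechanism described above, as an added offline simulation (not code from the original article or from traceroute itself). The gateway addresses, the silent second gateway and the function names are constructed for illustration; the destination's port-unreachable reply is how the classic UDP-based traceroute recognizes the end of the path, a detail the article does not state.

```python
# Offline simulation of the TTL mechanism traceroute relies on.
# All addresses are constructed (RFC 5737 documentation ranges).
from dataclasses import dataclass

ICMP_TIME_EXCEEDED = 11      # sent by a gateway that drops a packet whose TTL hit 0
ICMP_DEST_UNREACHABLE = 3    # sent by the destination host for a closed UDP port


@dataclass
class Gateway:
    address: str
    sends_time_exceeded: bool = True   # False models a gateway that stays silent


# Constructed path from the probing host to the destination.
PATH = [
    Gateway("192.0.2.1"),
    Gateway("198.51.100.7", sends_time_exceeded=False),
    Gateway("203.0.113.9"),
]
DESTINATION = "203.0.113.80"


def send_probe(path, destination, ttl):
    """Forward one probe; return (responder, icmp_type), or None if nothing comes back."""
    for gw in path:
        ttl -= 1                      # every gateway decrements TTL before forwarding
        if ttl == 0:                  # expired here: the packet is dropped at this gateway
            if gw.sends_time_exceeded:
                return (gw.address, ICMP_TIME_EXCEEDED)
            return None               # dropped silently; the prober only sees a timeout
    return (destination, ICMP_DEST_UNREACHABLE)


def trace(path, destination, max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... and record who answers each one."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        reply = send_probe(path, destination, ttl)
        hops.append((ttl, reply[0] if reply else "*"))
        if reply and reply[1] == ICMP_DEST_UNREACHABLE:
            break                     # the destination itself answered: trace complete
    return hops


if __name__ == "__main__":
    for ttl, responder in trace(PATH, DESTINATION):
        print(f"{ttl:2d}  {responder}")
```

A gateway that does not send TIME_EXCEEDED appears as "*" in the listing, but the hops beyond it still answer, so the gap hides only that one gateway.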

The danger here is that this utility can be used to identify the location of



The copyright of the article DNS-NMS-Traceroute in Internet Security is owned by . Permission to republish DNS-NMS-Traceroute in print or online must be granted by the author in writing.
