NIST releases standards for securing domain names

The National Institutes of Standards and Technologies have released new guidelines for securing Domain Name Systems (DNS) today. Special Publication 800-81 details threats and how best to approach them as well as specific recommendations on secure configurations for DNS and their associated mechanisms.

Domain names have two unique characteristics that set them apart from other distributed systems: they have no defined system boundaries and no confidentiality, as Web site domains are essentially accessible to anyone. Conventional network-level attacks can cause denial-of-service and access problems.

NIST recommends that agencies implement appropriate system and network security controls for securing the DNS hosting, protect transactions such as name resolution data and data replication, and protect the query/response transaction using digital signatures. The publication also recommends enforcing content control of DNS name resolution using integrity constraints.

The publication can be downloaded in PDF format here: http://csrc.nist.gov/publications/nistpubs/800-81/SP800-81.pdf

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected