DNS Literacy Series 7: Paying attention to domain name security

Network security should not be a matter of words only. Network security risks turn out to be everywhere on the Internet; recently, Twitter and Baidu have both had this kind of problem. The following are some of my opinions, which may not be comprehensive and are offered only for discussion.

Network security can be divided into the following aspects:

1. Security risks of Internet lines, such as packet sniffing and tampering and the intrusion of backbone routers. These are the network operators' problem; as Internet users we cannot get involved.

2. Server security risks, including the operating system, the running software, and the physical security of the server. The general principle for improving server security is "one more, one less". One more: be a diligent administrator, pay more attention to software bug announcements, and upgrade software promptly. One less: run as few unnecessary programs as possible, and open as few network ports to the Internet as possible. For example, a large number of servers on the Internet expose the listener ports of SQL databases. I really don't know what their administrators are thinking.

3. Domain name security, the forgotten corner. The main reason is that few people really understand domain names and the DNS system, and relevant technical support is lacking.

This article expands on item 3 above, domain name security. First, let's look at the existing security risks of the domain name system. There are three main aspects:

1. Security of the domain name management platform. Sellers of domain names are as numerous as the hairs on an ox, but very few of them are capable of managing domain names well. Generally, a domain name provider supplies authoritative DNS for the domain names it sells in order to resolve them, and provides a domain name management platform (a web management platform).
The main function of the domain name management platform is to let the owner log on and add or modify the domain's records, such as NS, A, CNAME, MX, and TXT. Once this platform has a problem, the consequences are self-evident. In the Twitter and Baidu incidents, the domain's NS records were tampered with through the domain name management platform. In reality, domain name owners' security awareness is weak: the logon password is often very simple, or it is never updated, which is a dangerous sign.

2. Network operators maliciously intercepting domain name resolution, which is mostly found in China. The specific manifestation is that domain name resolution is abnormal locally. Typically, the operator ties this to its public DNS, which resolves the domain name to a specific IP address. The underlying reason is nothing more than profit.

3. Viruses, Trojans, and similar troubles. This occurs only on the compromised computer. The specific manifestation is that the local DNS address is changed to a malicious DNS server, resulting in resolution anomalies.

Solutions:

1. For the security of the domain name management platform, the ordinary public (the poor) cannot do much because of various restrictions: select a good domain name provider, and establish domain name security awareness. Large websites (mainly those with money, such as Google and Baidu) can do a lot: first, buy the domain name directly from the domain name institution (skipping the domain name provider), and use their own domain name management platform to manage their domain names (of course, this back end is not exposed externally; it is powered on only when used and is otherwise kept in the safe). This fundamentally curbs harassment by "hackers".

2. For malicious interception of domain name resolution by network operators, the victims usually have neither power nor money. All you can do is appeal to a higher authority and pray for God's help.

3. Viruses, Trojans, and similar troubles affect only a small number of machines. There is not much to say about them, and they are easy to deal with.
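
The three domain name risks described above leave different traces, which a monitoring check can tell apart. The following is an added example, not code from the original article: it assumes the NS and A answers have already been collected from several resolvers, and the function names, labels, domains and addresses are all hypothetical placeholders.

```python
# Added example: sort DNS anomalies into the article's three risk categories.
# Every domain, name server and address here is a constructed placeholder.

BASELINE = {  # recorded while the zone was known to be good
    "ns": ["ns1.example.com.", "ns2.example.com."],
    "a": ["192.0.2.10"],
    "resolvers": ["198.51.100.53"],  # DNS servers the host is supposed to use
}

def norm(names):
    """Compare host names case-insensitively and without the trailing dot."""
    return {n.strip().rstrip(".").lower() for n in names}

def classify(baseline, configured_resolver, observations):
    """observations maps resolver address -> {"ns": [...], "a": [...]} seen via it."""
    findings = set()
    # Risk 3: the host's DNS setting points at a server nobody approved.
    if configured_resolver not in baseline["resolvers"]:
        findings.add("local-dns-setting-changed")
    good_ns, good_a = norm(baseline["ns"]), set(baseline["a"])
    bad_ns = {r for r, o in observations.items() if norm(o["ns"]) != good_ns}
    bad_a = {r for r, o in observations.items() if set(o["a"]) != good_a}
    if observations and bad_ns == set(observations):
        # Risk 1: every vantage point sees other name servers, so the
        # delegation itself changed (e.g. through the management platform).
        findings.add("ns-delegation-changed")
    else:
        # Risk 2: only some resolvers disagree with the baseline.
        findings.update(f"resolver-answer-mismatch:{r}" for r in bad_ns | bad_a)
    return sorted(findings)

GOOD = {"ns": ["NS1.example.com", "ns2.example.com"], "a": ["192.0.2.10"]}
REWRITTEN = {"ns": GOOD["ns"], "a": ["203.0.113.80"]}                  # answer swapped
REPLACED = {"ns": ["ns1.unexpected.invalid"], "a": ["203.0.113.66"]}  # NS replaced

SCENARIOS = {  # name -> (resolver configured on the host, answers per resolver)
    "healthy": ("198.51.100.53", {"198.51.100.53": GOOD, "198.51.100.54": GOOD}),
    "operator": ("198.51.100.53", {"198.51.100.53": REWRITTEN, "198.51.100.54": GOOD}),
    "platform": ("198.51.100.53", {"198.51.100.53": REPLACED, "198.51.100.54": REPLACED}),
    "malware": ("203.0.113.5", {"203.0.113.5": REWRITTEN, "198.51.100.54": GOOD}),
}

if __name__ == "__main__":
    for name, (resolver, obs) in SCENARIOS.items():
        print(name, classify(BASELINE, resolver, obs))
```

The comparison is only meaningful when at least one of the observed resolvers sits outside the local operator's network, so that a locally rewritten answer has something to disagree with.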