Resources for DNS Security Information

Home for BIND and DHCPD: http://www.isc.org/

DNS Security Slides by Cricket Liu, coauthor of DNS and BIND (aka “The Grasshopper Book”): http://www.acmebw.com/papers/securing.pdf

FAQ from comp.protocols.tcp-ip.domains: http://www.intac.com/~cdp/cptd-faq/

DNS Security Paper by Craig Rowland: www.psionic.com/papers/dns/

Some Interesting RFCs (see http://www.rfc-editor.org/):

1035 (General DNS Specs)
1183 (Additional Resource Record Specifications)
2308 (Negative Caching)
2136 (Dynamic Updates)
1996 (DNS Notify)
2535 (DNS Security Extensions)

Some DNS/BIND Security Advisories (see http://www.cert.org/):

CA-99-14: “Multiple Vulnerabilities in BIND”

CA-2000-03: “Continuing Compromises of DNS Servers”

CA-98.05: “Multiple Vulnerabilities in BIND”

CA-97.22: “BIND” (cache-poisoning)