Radack, S.
(2006),
Domain Name System (DNS) Services: NIST Recommendations for Secure Deployment, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=50837
(Accessed April 25, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Domain Name System (DNS) Services: NIST Recommendations for Secure Deployment
Published
Author(s)
Abstract
This bulletin explains the Domain Name System (DNS) infrastructure, and discusses NIST's recommendations to help organizations analyze their operating environments and the threats to their DNS services, and to apply appropriate risk-based security measures for all DNS components. The bulletin summarizes the guidelines for the secure deployment of each DNS component through the use of configuration options and checklists that are based on policies or best practices. Topics covered include the structure and operations of DNS data, software, and transactions, and the threats, the security objectives, and the security approaches that can be employed. Other topics include how to maintain data integrity and perform source authentication, and how to configure DNS deployments to protect the availability of DNS services and prevent denial of service attacks. References to other sources of information on the security of DNS services are provided.Citation
ITL Bulletin -
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
checklists, denial of service, DNS, DNS Security Extensions, DNSSEC, Domain Name System, information system security, Internet Protocol (IP), risks, vulnerabilities
Citation
Created July 2, 2006, Updated January 27, 2020