is DDNS for me?

Jim Reid jim at rfc1035.com
Wed Apr 4 23:21:58 UTC 2001


>>>>> "Brad" == Brad Knowles <brad.knowles at skynet.be> writes:

    Brad> 	Of course, DDNS is completely insecure -- once it's
    Brad> allowed, anyone can update the information on the server.

Well not exactly. In its raw format, DDNS is insecure. Usually the
only checks are on the source address of the dynamic update
request. Since this is sent as a UDP datagram faking the address is
trivial. Transaction signatures (TSIG) can be used to authenticate the
origin of an update. This cannot be spoofed easily. The client and
server share a secret between themselves which is used to create a
HMAC-MD5 hash to digitally "sign" the request. But these authenticated
requests still allow a trusted client to add, change or remove just
about anything in a dynamically updated zone. Finer granularity of
control is possible with BIND9's update-policy{} clause. If need be, a
client can be given permission to only change a specific name and RR
type.
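
An added illustration of the two points above (not part of Jim's message or the BIND project's own documentation): a BIND 9 named.conf fragment showing the weak address-only setting beside the TSIG-keyed update-policy{} form. The zone name, file name, key name, host name and secret are assumptions; the secret is a placeholder to be replaced with a real base64 value generated on the server.

```conf
// WEAK: any host whose source address reaches the server may add,
// change or remove records in the zone. The source address of a UDP
// update request is trivially forged, so this is effectively open.
zone "example.com" {
    type master;
    file "example.com.db";
    allow-update { any; };
};

// STRONGER: a TSIG key shared between the server and one client.
// Hypothetical key name and placeholder secret; generate a real
// base64 secret (e.g. with dnssec-keygen / tsig-keygen) and keep it
// out of world-readable files.
key "host1-key" {
    algorithm hmac-md5;
    secret "REPLACE_WITH_BASE64_SECRET";
};

// The same zone, but updates must be signed with host1-key, and that
// key may only touch the A record of one name. allow-update and
// update-policy are mutually exclusive within a zone, so the
// allow-update line above is dropped here.
zone "example.com" {
    type master;
    file "example.com.db";
    update-policy {
        grant host1-key name host1.example.com. A;
    };
};
```

Current BIND releases accept stronger algorithms such as hmac-sha256 in the key statement; the hmac-md5 shown matches what the message above discusses.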
