"stealth master" DNS Security

Ram Akuka ramakuka at gmail.com
Wed Mar 25 09:20:20 UTC 2009


Hi,
I want to design a DNS system for secure authoritative server.
I’ll use one master server to store the data zone and use zone
transfer mechanism for the 2 public slave servers (which will defined
as masters in the internet). That way I’ll update and backup only
server.
I using TSIG for secure zone transfer but I have few questions,
Is there’s any way I can encrypt the zone files in the slave server,
that way no one can have access to the actual zone data beside the
master server.
(if for example someone will hack to the slave DNS he won’t have the
zones data).

Thanks in advance,


--
Ram



More information about the bind-users mailing list