securing bind in todays hostile environment
gtaylor at tnetconsulting.net
Sun Jan 19 17:31:14 UTC 2020
On 1/19/20 4:01 AM, N. Max Pierson wrote:
> I honestly couldn’t tell you either way as I have not even begun
> to start to dive into DNSSEC.
I can recommend the following book from Michael W. Lucas / @mwlauthor
and say that it provides a good, actionable, introduction to DNSSEC.
Link - DNSSEC Mastery: Securing the Domain Name Service with BIND (ebook)
Disclaimer: I'm not associated with Michael. We do pester each other
on Twitter. I have tech reviewed some of his other book.
I've found all of his Mastery books to be packed with actionable
information and well worth the price (< $20).
I prefer to buy the books directly from Michael's site, Tilted Windmill
Press, to avoid the overhead & fees with thee other typical outlets.
Word to the wise: Be mindful of the recent SHA1 chosen prefix attacks
when starting with DNSSEC. This mostly means that you just choose
other, newer, algorithms to use when deploying DNSSEC.
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4013 bytes
Desc: S/MIME Cryptographic Signature
More information about the bind-users