USENIX Conference Policies
DNS and BIND Security Issues
Paul A. Vixie, Internet Software Consortium
Efforts are underway to add security to the DNS protocol. We have observed that if BIND would just do what the DNS specifications say it should do, stop crashing, and start checking its inputs, then most of the existing security holes in DNS as practiced would go away. To be sure, attackers would still have a pretty easy time co-opting DNS in their break-in attempts. Our aim has been to get BIND to the point where its only vulnerabilities are due to the DNS protocol, and not to the implementation. This paper describes our progress to date.
BibTeX
@inproceedings {253573,
author = {Paul A. Vixie},
title = {{DNS} and {BIND} Security Issues},
booktitle = {5th USENIX UNIX Security Symposium (USENIX Security 95)},
year = {1995},
address = {Salt Lake City, UT},
url = {https://www.usenix.org/conference/5th-usenix-unix-security-symposium/dns-and-bind-security-issues},
publisher = {USENIX Association},
month = jun
}
author = {Paul A. Vixie},
title = {{DNS} and {BIND} Security Issues},
booktitle = {5th USENIX UNIX Security Symposium (USENIX Security 95)},
year = {1995},
address = {Salt Lake City, UT},
url = {https://www.usenix.org/conference/5th-usenix-unix-security-symposium/dns-and-bind-security-issues},
publisher = {USENIX Association},
month = jun
}