Over the past few years, the reality that even the most well-secured, diligently monitored networks can be hacked into has become painfully obvious. Even major players like Sony, JPMorgan Chase, eBay and Adobe are vulnerable to Denial of Service (DoS) attacks, and as a result, internet security has become a heightened concern for businesses and individuals alike. While it’s becoming increasingly common for enterprise network managers to take the security and configuration management of their networks more seriously, there’s an often overlooked, yet crucial, protocol: the Domain Name System (DNS).
Isn’t DNS just a service that translates domain names into IP addresses?
Even though DNS is the most widely used protocol on the World Wide Web, few network managers take advantage of its less well-known features. Of course, the translation element of DNS is important, but there’s much more to it than simply looking up URLs. DNS is used by software to validate licenses, by video services to circumvent firewall security and, unfortunately, by opportunistic hackers to steal private or sensitive data. While Data Leak Protection (DLP) systems are typically used to check the protocols used in peer-to-peer software, email or browsing, DNS is conspicuously open for all the wrong kinds of business. Neil Cook, CTO of Cloudmark, voiced his concerns about DNS management in an article on CIO.com as follows: “Nobody looks much at DNS packets, even though DNS underlies everything. There’s a lot of DLP done on web and email but DNS is just sitting there, wide open.”
What are the risks of managing your DNS badly?
When Sally Beauty was hacked last year, it was reported that a little under 25,000 credit records were accessed and possibly deleted. Hackers were able to access the data by disguising packets as DNS queries. But it isn’t just malware that infects Point of Sale (PoS) systems and attacks customer credit card information using DNS tunnelling – DNS is the most widely used command channel for malware of all types, as well as acting as a tool to steal sensitive data. Cricket Liu, chief DNS architect at Infoblox, says, “DNS is frequently used as a conduit to surreptitiously tunnel data in and out of the company, and the reason people who write malware are using DNS to tunnel out this traffic is because it’s so poorly monitored, most people have no idea what kind of queries are going over their DNS infrastructure.” Additionally, your staff may be downloading free DNS services onto their devices that will ultimately undermine the control you have over your network configuration.
How should DNS be managed for maximum benefit to configuration and security?
Despite its importance in network configuration management and security, DNS is often overlooked. In the wake of the large-scale hacks of recent years, however, many vendors are starting to offer dedicated DNS tools. Even so, minimising the risk of security breaches or data leaks through DNS is part of a broader approach to configuration management and monitoring. Setting baselines and constantly monitoring them for fluctuations is essential to understanding how your network environment operates. DNS traffic shouldn’t be exempt from your reports, and in light of recent hacks, it might warrant more of your attention in the short term. Ultimately, a holistic and pragmatic stance should be taken on network security and network configuration management, and each potential entry point into your network environment should be carefully and consistently audited.
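As an illustration of baselining DNS traffic and watching it for fluctuations, the following added example (not part of the original article, and not any vendor's product code) learns a ceiling for unique subdomains per client and parent domain from a baseline log, then flags pairs in a later log that exceed it with long, high-entropy names typical of tunnelled data. The log format, sample lines, function names and thresholds are all assumptions made for the example.

```python
import math
from collections import Counter, defaultdict

# Constructed "client qname" logs for illustration; not captured from a real network.
BASELINE = """\
10.0.0.5 www.example.com
10.0.0.5 mail.example.com
10.0.0.7 www.example.com
10.0.0.7 cdn.example.net
10.0.0.7 api.example.net
"""
CURRENT = """\
10.0.0.5 www.example.com
10.0.0.7 cdn.example.net
10.0.0.9 mzxw6ytboi4dqmrtgq2tmnzyhe3q.t.example.org
10.0.0.9 nbswy3dpeb3w64tmmqqgc3tfon2ca.t.example.org
10.0.0.9 orugs4zanfzsaylomvzxiidpmyqhi.t.example.org
10.0.0.9 pfxxkidbojssa5dimuqg63tmpeqho.t.example.org
"""

def entropy(text):
    """Shannon entropy of a string, in bits per character."""
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values()) if n else 0.0

def profile(log):
    """Map (client, parent domain) to the set of subdomain strings queried."""
    subs = defaultdict(set)
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 2:
            continue  # skip malformed lines
        labels = fields[1].rstrip(".").lower().split(".")
        # Assumption: parent domain = last two labels; real code should use the Public Suffix List.
        subs[(fields[0], ".".join(labels[-2:]))].add(".".join(labels[:-2]))
    return subs

def flag_anomalies(baseline_log, current_log, min_len=20, min_entropy=3.5, slack=2):
    """Return (client, parent, unique_subdomains) for pairs that deviate from the baseline."""
    # Ceiling: the most unique subdomains any baseline pair produced, plus some slack.
    ceiling = max((len(s) for s in profile(baseline_log).values()), default=0) + slack
    alerts = []
    for (client, parent), names in sorted(profile(current_log).items()):
        names = [s for s in names if s]
        if not names or len(names) < ceiling:
            continue
        avg_len = sum(map(len, names)) / len(names)
        avg_ent = sum(map(entropy, names)) / len(names)
        if avg_len >= min_len and avg_ent >= min_entropy:
            alerts.append((client, parent, len(names)))
    return alerts
```

On real resolver logs the thresholds need tuning, since CDNs and some security products legitimately generate long, random-looking names.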
To find out more about optimising your configuration management and network reporting with world-class Network Monitoring Software, please download our complimentary guide to running a stable and highly available network.
Image credit: SuperbWallpaper