Sep
07
2011
Set Up A Dns Server
10 Things You Should Know About Securing Dns
1. Use DNS forwarders
A DNS forwarder is a DNS server that performs DNS queries on behalf of another DNS server. The primary reasons to use a DNS forwarder are to offload processing duties from the DNS server forwarding the query to the forwarder and to benefit from the potentially larger DNS cache on the DNS forwarder.
Another benefit of using a DNS forwarder is that it prevents the DNS server forwarding the requests from interacting with Internet DNS servers. This is especially important when your DNS server is Hosting your internal Domain DNS resource records. Instead of allowing your internal DNS servers to perform recursion and contacting DNS servers itself, configure the internal DNS server to use a forwarder for all Domains for which it is not authoritative.
2. Use caching-only DNS servers
A caching-only DNS server is one that is not authoritative for any DNS domains. It’s configured to perform recursion or use a forwarder. When the caching-only DNS server receives a response, it caches the result and returns the answer to the system issuing the DNS query to the caching-only DNS server. Over time, the caching-only DNS server can amass a large cache of DNS responses, which can significantly improve DNS response times for DNS clients of that caching-only DNS server.
Caching-only DNS servers can improve security for your organization when used as forwarders that are under your administrative control. Internal DNS servers can be configured to use the caching-only DNS server as their forwarders and the caching-only DNS server performs recursion on behalf of your internal DNS servers. Using your own caching-only DNS servers as forwarders improves security because you don’t have to depend on your ISP’s DNS servers as forwarders when you’re unsure of the security configuration of your ISP’s DNS servers.
3. Use DNS advertisers
A DNS advertiser is a DNS server that resolves queries for domains for which the DNS advertiser is authoritative. For example, if you Host publicly available resources for domain.com and corp.com, your public DNS server would be configured with DNS zone files for the domain.com and corp.com domains.
What sets the DNS advertiser apart from any other DNS Server Hosting DNS zone files is that the DNS advertiser answers queries only for domains for which it is authoritative. The DNS server will not perform recursion for queries to other DNS servers. This prevents users from using your public DNS server to resolve names in other domains. This increases security by lessening the risks associated with running a public DNS resolver, which include cache poisoning.
4. Use DNS resolvers
A DNS resolver is a DNS server that can perform recursion to resolve names for domains for which that DNS server is not authoritative. For example, you might have a DNS server on your internal network that’s authoritative for your internal network domain, internalcorp.com. When a client on your network uses that DNS server to resolve the name techrepublic.com, that DNS server performs recursion by querying other DNS servers to get the answer.
The difference between this DNS server and a DNS resolver is that a DNS resolver is a DNS server that is dedicated to resolving Internet host names. A resolver could be a caching-only DNS server that isn’t authoritative for any DNS domains. You can make the DNS resolver available to only your internal users, you can make it available only to your external users to provide a secure alternative to using a DNS server outside of your administrative control, or you can allow both internal and external users access to the DNS resolver.
5. Protect DNS from cache pollution
DNS cache pollution is an increasingly common problem. Most DNS servers are able to cache the results of DNS queries before forwarding the response to the host issuing the query. The DNS cache can significantly improve DNS query performance throughout your organization. The problem is that if the DNS server cache is “polluted” with bogus DNS entries, users can subsequently be forwarded to malicious Web sites instead of the sites they intended to visit.
Most DNS servers can be configured to prevent cache pollution. The Windows Server 2003 DNS server is configured to prevent cache pollution by default. If you’re using a Windows 2000 DNS server, you can configure it to prevent cache pollution by opening the Properties dialog box for the DNS server and clicking the Advanced tab. Select the Prevent Cache Pollution check box and restart the DNS server.
6. Enable DDNS for secure connections only
Many DNS servers accept dynamic updates. The dynamic update feature enables these DNS servers to register DNS host names and IP addresses for hosts that use DHCP for host IP addressing. DDNS can be a great boon in reducing the administrative overhead for DNS administrators who otherwise would need to manually configure DNS resource records for these hosts.
However, there can be a major security issue with DDNS updates if they are allowed unchecked. A malicious user can configure a host to dynamically update DNS host records of a file server, Web Server, or database server and have connections that should be destined to those servers diverted to his machine instead of the intended target.
You can reduce the risk of malicious DNS updates by requiring secure connections to the DNS server in order to perform the dynamic update. This is easily achieved by configuring your DNS server to use Active Directory integrated zones and requiring secure dynamic updates. All domain members will be able to dynamically update their DNS information in a secure context after you make this change.
7. Disable zone transfers
Zone transfers take place between primary and secondary DNS servers. Primary DNS servers that are authoritative for specific domains contain writable DNS zone files that are updated as needed. Secondary DNS servers received a read-only copy of these zone files from primary DNS servers. Secondary DNS servers are used to improved DNS query performance throughout an organization or over the Internet.
However, zone transfers are not limited to only secondary DNS servers. Anyone can issue a DNS query that will cause a DNS server configured to allow zone transfers to dump the entirety of its zone database files. Malicious users can use this information to reconnoiter the naming schema in your organization and attack key infrastructure services. You can prevent this by configuring your DNS servers to deny zone transfer requests or by configuring the DNS servers to allow zone transfers only to specific servers in the organization.
8. Use firewalls to control DNS access
Firewalls can be used to gain access control over who can connect to your DNS servers. For DNS servers that are used only for internal client queries, configure firewalls to block connections from external hosts to those DNS servers. For DNS servers used as caching-only forwarders, configure firewalls to allow DNS queries only from those DNS servers that use the caching-only forwarders. An especially important firewall policy setting is to block internal users from using the DNS protocol to connect to external DNS servers.
9. Set access controls on DNS registry entries
On Windows-based DNS servers, you should configure access controls on the DNS server-related Registry settings so that only the accounts that require access to them are allowed to read or change those Registry settings.
The HKLMCurrentControlSetServicesDNS key should be configured to allow only the Administrator and System account access, and these accounts should have Full Control permissions.
10. Set access control on DNS file system entries
On Windows-based DNS servers, you should configure access controls on the DNS server-related file system entries so that only the accounts that require access to them are allowed to read or change those files.
The %system_directory%DNS folder and subfolders should be configured to allow only the system account to access the files, and the system account should be given Full Control permissions
About the Author
Anuj Sharma(System Administrator)
How to configure DNS server ? Part 1
|
|
HiRO H50188 ADSL2+ Modem with 4-Port Router and Wireless 802.11b/g Router (H50188) $44.92 The Hiro H50188 ADSL2+ Modem and Wireless Router supports downstream rate up to 12 / 24 Mbps with capability of ADSL2 / ADSL2+, and upstream rate up to 1Mbps. Hop on the Internet wagon with the Hiro H50188 ADSL2+ Modem and Wireless Router. Enjoy all the convenience it brings with fast speeds and 802.11/b/g wireless protocols. Plus, it features a four-ports switch and includes built-in Universal Pl… |
|
|
MCITP Self-Paced Training Kit (Exams 70-640, 70-642, 70-646): Server Administrator Core Requirements (PRO-Certification) $159.99 Get in-depth training and practice with the skills measured by the core exams for Microsoft Certified IT Professional (MCITP): Windows Server 2008 Administrator certification all in one box! Covering Exams 70-640, 70-642, and 70-646, these three training kits include exam prep and practice tests to help you maximize your performance. You get official Microsoft® study guides, plus practice tests… |
|
|
Linksys E3200 High-Performance Simultaneous Dual-Band Wireless-N Router $119.99 Linksys E3200 – High Performance Dual-Band Wireless N Router… |
|
|
Novatel Wireless MiFi 2200 3G Mobile WiFi Hotspot Modem, Refurbished (Verizon Wireless) $28.59 Novatel Wireless MiFi 2200 3G Mobile WiFi Hotspot Modem (Verizon Wireless)… |
|
|
Panasonic BL-C230A Wireless Internet Security Camera $209.99 The Panasonic BL-C230 Wireless Home Network Pan/Tilt Wide Angle Camera can be viewed and controlled from a standard web browser, video display, or even a compatible cell phone or PDA. This camera can communicate wirelessly with standard 802.11b or 802.11g wireless devices, allowing the flexibility to install and operate the camera without running network wires, and utilizing SSID filtering and pow… |
|
|
Foscam FI8918W Wireless/Wired Pan & Tilt IP/Network Camera with 8 Meter Night Vision and 3.6mm Lens (67° Viewing Angle) $79.50 The Foscam FI8918W Wireless IP Camera features high quality video and audio, pan/tilt, remote Internet viewing, motion detection, night vision as well as a built-in network video recording system. In addition, it is smartphone compatible (iPhone android & Blackberry) as well as viewable over the Internet network using the standard Safari browser (no app necessary). The camera functions well as an … |
|
|
Foscam FI8918W Wireless/Wired Pan & Tilt IP/Network Camera with 8 Meter Night Vision and 3.6mm Lens (67° Viewing Angle) $79.50 The Foscam FI8918W Wireless IP Camera (White) offers features such as high-quality video and audio, pan/tilt, remote internet viewing, motion detection and night-vision. With 1/4″ color CMOS image sensor, it delivers clear images in MJPEG format at a resolution of 640 x 480. A minimum illumination of 0.5 lux makes the camera suitable for low-light surveillance. With 11 IR LEDs effective up to 26′ … |
|
|
Dragon NaturallySpeaking Premium 11 Bluetooth $204.99 Dragon NaturallySpeaking 11 Premium provides a whole new way to interact with a PC–using speech instead of a keyboard and mouse–to help you work faster and more efficiently. Dragon turns ideas into text at the speed of thought so you can communicate more freely and persuasively. Just say words and watch them appear on the computer screen–three times faster than typing–with no typos! Tell y… |
|
|
Learning Apple OS X Lion Server – Training DVD – Tutorial Video $99.95 In this training course for Apple OS X Lion Server, Apple certified trainer Chris Tarnowieckyi will teach you how to install, configure and monitor OS X Lion Server. Whether you are setting it up for a school, home network or business, you will learn the ins and outs of using Lion Server to its fullest capabilities. The video tutorial starts with the installation basic and advanced setup of your … |
|
|
Dragon NaturallySpeaking 10 Preferred Mobile $34.98 DRAGON NATURALLYSPEAKING… |
|
|
DNS on Windows Server 2003 $14.65 <div><p>While computers and other devices identify each other on networks or the Internet by using unique addresses made up of numbers, humans rely on the Domain Name System (DNS), the distributed database that allows us to identify machines by name. DNS does the work of translating domain names into numerical IP addresses, routing mail to its proper destination, and many other services, so that users require little or no knowledge of the system. If you’re a network or system administrator, however, configuring, implementing, and maintaining DNS zones can be a formidable challenge. And now, with Windows Server 2003, an understanding of the workings of DNS is even more critical.<br/><br/><i>DNS on Windows Server 20003</i> is a special Windows-oriented edition of the classic <i>DNS and BIND</i>, updated to document the many changes to DNS, large and small, found in Windows Server 2003. Veteran O’Reilly authors, Cricket Liu, Matt Larson, and Robbie Allen explain the whole system in terms of the new Windows Server 2003, from starting and stopping a DNS service to establishing an organization’s namespace in the global hierarchy. <br/><br/> Besides covering general issues like installing, setting up, and maintaining the server, <i>DNS on Windows Server 2003</i> tackles the many issues specific to the new Windows environment, including the use of the dnscmd program to manage the Microsoft DNS Server from the command line and development using the WMI DNS provider to manage the name server programmatically. The book also documents new features of the Microsoft DNS Server in Windows Server 2003, including conditional forwarding and zone storage in Active Directory (AD) application partitions.<br/><br/><i>DNS on Windows Server 2003</i> provides grounding in:</p><ul><li>Security issues</li> <li>System tuning</li> <li>Caching</li> <li>Zone change notification</li> <li>Troubleshooting</li> <li>Planning for growth</li></ul> If you’re a Windows administrator, <i>DNS on Windows Server 2003</i> is the operations manual you need for working with DNS every day. If you’re a Windows user who simply wants to take the mystery out of the Internet, this book is a readable introduction to the Internet’s architecture and inner workings.</div> |
|
|
DNS & Bind Cookbook $16.31 <div><p>The <i>DNS & BIND Cookbook</i> presents solutions to the many problems faced by network administrators responsible for a name server. Following O’Reilly’s popular problem-and-solution cookbook format, this title is an indispensable companion to <i>DNS & BIND</i>, 4th Edition, the definitive guide to the critical task of name server administration. The cookbook contains dozens of code recipes showing solutions to everyday problems, ranging from simple questions, like, "How do I get BIND?" to more advanced topics like providing name service for IPv6 addresses. It’s full of BIND configuration files that you can adapt to your sites requirements.</p> <p>With the wide range of recipes in this book, you’ll be able to</p><ul><li>Check whether a name is registered</li> <li>Register your domain name and name servers</li> <li>Create zone files for your domains</li> <li>Protect your name server from abuse</li> <li>Set up back-up mail servers and virtual email addresses</li> <li>Delegate subdomains and check delegation</li> <li>Use incremental transfer</li> <li>Secure zone transfers</li> <li>Restrict which queries a server will answer</li> <li>Upgrade to BIND 9 from earlier version</li> <li>Perform logging and troubleshooting</li> <li>Use IPv6</li> </ul><p>and much more.<br/></p> <p>These recipes encompass all the day-to-day tasks you’re faced with when managing a name server, and many other tasks you’ll face as your site grows. Written by Cricket Liu, a noted authority on DNS, and the author of the bestselling <i>DNS & BIND</i> and <i>DNS on Windows 2000</i>, the <i>DNS & BIND Cookbook</i> belongs in every system or network administrator’s library.</p></div> |
|
|
A Practical Guide to Ubuntu Linux $33.71 New – The Most Complete, Easy-to-Follow Guide to Ubuntu Linux 10.4 LTS (Lucid Lynx) *The #1 Ubuntu server resource, fully updated for Ubuntu 10.4 (Lucid Lynx)–the Long Term Support (LTS) release many companies will rely on for years!*Updated JumpStarts help you set up Samba, Apache, Mail, FTP, NIS, OpenSSH, DNS, and other complex servers in minutes*Hundreds of up-to-date examples, plus comprehensive indexes that deliver instant access to answers you can trust Mark Sobell’s A Practical Guide to |
|
|
A Practical Guide to Ubuntu Linux $6.99 The Most Complete, Easy-to-Follow Guide to Ubuntu Linux The #1 Ubuntu server resource, fully updated for Ubuntu 10.4 (Lucid Lynx)–the Long Term Support (LTS) release many companies will rely on for years! Updated JumpStarts help you set up Samba, Apache, Mail, FTP, NIS, OpenSSH, DNS, and other complex servers in minutes Hundreds of up-to-date examples, plus comprehensive indexes that deliver instant access to answers you can trustMark Sobell’s A Practical Guide to Ubuntu Linux®, Third Edition, is the most thorough and up-to-date reference to installing, configuring, and working with Ubuntu, and also offers comprehensive coverage of servers—critical for anybody interested in unleashing the full power of Ubuntu.This edition has been fully updated for Ubuntu 10.04 (Lucid Lynx), a milestone Long Term Support (LTS) release, which Canonical will support on desktops until 2013 and on servers until 2015.Sobell walks you through every essential feature and technique, from installing Ubuntu to working with GNOME, Samba, exim4, Apache, DNS, NIS, LDAP, gufw, firestarter, iptables, even Perl scripting. His exceptionally clear explanations demystify everything from networking to security.You’ll find full chapters on running Ubuntu from the command line and desktop (GUI), administrating systems, setting up networks and Internet servers, and much more. Fully updated JumpStart sections help you get complex servers running—often in as little as five minutes.Sobell draws on his immense Linux knowledge to explain both the “hows” and the “whys” of Ubuntu. He’s taught hundreds of thousands of readers and never forgets what it’s like to be new to Linux. Whether you’re a user, administrator, or programmer, you’ll find everything you need here—now, and for many years to come.The world’s most practical Ubuntu Linux book is now even more |
|
|
A Practical Guide to Ubuntu Linux $19.79 Used – The Most Complete, Easy-to-Follow Guide to Ubuntu Linux *The #1 Ubuntu server resource, fully updated for Ubuntu 10.4 (Lucid Lynx)–the Long Term Support (LTS) release many companies will rely on for years!*Updated JumpStarts help you set up Samba, Apache, Mail, FTP, NIS, OpenSSH, DNS, and other complex servers in minutes*Hundreds of up-to-date examples, plus comprehensive indexes that deliver instant access to answers you can trust Mark Sobell’s A Practical Guide to Ubuntu Linux(R), Thi |
|
|
A Practical Guide to Ubuntu Linux $49.99 The Most Complete, Easy-to-Follow Guide to Ubuntu Linux The #1 Ubuntu server resource, fully updated for Ubuntu 10.4 (Lucid Lynx)–the Long Term Support (LTS) release many companies will rely on for years! Updated JumpStarts help you set up Samba, Apache, Mail, FTP, NIS, OpenSSH, DNS, and other complex servers in minutes Hundreds of up-to-date examples, plus comprehensive indexes that deliver instant access to answers you can trustMark Sobell’s A Practical Guide to Ubuntu Linux®, Third Edition, is the most thorough and up-to-date reference to installing, configuring, and working with Ubuntu, and also offers comprehensive coverage of servers—critical for anybody interested in unleashing the full power of Ubuntu.This edition has been fully updated for Ubuntu 10.04 (Lucid Lynx), a milestone Long Term Support (LTS) release, which Canonical will support on desktops until 2013 and on servers until 2015.Sobell walks you through every essential feature and technique, from installing Ubuntu to working with GNOME, Samba, exim4, Apache, DNS, NIS, LDAP, gufw, firestarter, iptables, even Perl scripting. His exceptionally clear explanations demystify everything from networking to security.You’ll find full chapters on running Ubuntu from the command line and desktop (GUI), administrating systems, setting up networks and Internet servers, and much more. Fully updated JumpStart sections help you get complex servers running—often in as little as five minutes.Sobell draws on his immense Linux knowledge to explain both the “hows” and the “whys” of Ubuntu. He’s taught hundreds of thousands of readers and never forgets what it’s like to be new to Linux. Whether you’re a user, administrator, or programmer, you’ll find everything you need here—now, and for many years to come.The world’s most practical Ubuntu Linux book is now even more |
|
|
A Practical Guide to Ubuntu Linux $17.12 Used – The Most Complete, Easy-to-Follow Guide to Ubuntu Linux *The #1 Ubuntu server resource, fully updated for Ubuntu 10.4 (Lucid Lynx)–the Long Term Support (LTS) release many companies will rely on for years!*Updated JumpStarts help you set up Samba, Apache, Mail, FTP, NIS, OpenSSH, DNS, and other complex servers in minutes*Hundreds of up-to-date examples, plus comprehensive indexes that deliver instant access to answers you can trust Mark Sobell’s A Practical Guide to Ubuntu Linux(R), Thi |
|
|
A Practical Guide to Ubuntu Linux $39.99 The Most Complete, Easy-to-Follow Guide to Ubuntu Linux The #1 Ubuntu server resource, fully updated for Ubuntu 10.4 (Lucid Lynx)–the Long Term Support (LTS) release many companies will rely on for years! Updated JumpStarts help you set up Samba, Apache, Mail, FTP, NIS, OpenSSH, DNS, and other complex servers in minutes Hundreds of up-to-date examples, plus comprehensive indexes that deliver instant access to answers you can trustMark Sobell’s A Practical Guide to Ubuntu Linux®, Third Edition, is the most thorough and up-to-date reference to installing, configuring, and working with Ubuntu, and also offers comprehensive coverage of servers—critical for anybody interested in unleashing the full power of Ubuntu.This edition has been fully updated for Ubuntu 10.04 (Lucid Lynx), a milestone Long Term Support (LTS) release, which Canonical will support on desktops until 2013 and on servers until 2015.Sobell walks you through every essential feature and technique, from installing Ubuntu to working with GNOME, Samba, exim4, Apache, DNS, NIS, LDAP, gufw, firestarter, iptables, even Perl scripting. His exceptionally clear explanations demystify everything from networking to security.You’ll find full chapters on running Ubuntu from the command line and desktop (GUI), administrating systems, setting up networks and Internet servers, and much more. Fully updated JumpStart sections help you get complex servers running—often in as little as five minutes.Sobell draws on his immense Linux knowledge to explain both the “hows” and the “whys” of Ubuntu. He’s taught hundreds of thousands of readers and never forgets what it’s like to be new to Linux. Whether you’re a user, administrator, or programmer, you’ll find everything you need here—now, and for many years to come.The world’s most practical Ubuntu Linux book is now even more |
|
|
A Practical Guide to Ubuntu Linux $25.55 New – The Most Complete, Easy-to-Follow Guide to Ubuntu Linux 10.4 LTS (Lucid Lynx) *The #1 Ubuntu server resource, fully updated for Ubuntu 10.4 (Lucid Lynx)–the Long Term Support (LTS) release many companies will rely on for years!*Updated JumpStarts help you set up Samba, Apache, Mail, FTP, NIS, OpenSSH, DNS, and other complex servers in minutes*Hundreds of up-to-date examples, plus comprehensive indexes that deliver instant access to answers you can trust Mark Sobell’s A Practical Guide to |
|
|
Advanced Linux Networking $49.99 With an increasing number of networks and mission-critical applications running on Linux, system and network administrators must be able to do more than set up a server and rely on its default configuration. Advanced Linux Networking is designed to help you achieve a higher level of competence. It focuses on powerful techniques and features of Linux networking and provides you with the know-how you need to improve server efficiency, enhance security, and adapt to new requirements. This book begins with a brief introduction to low-level configuration, including a guide to getting your network up and running. Part II outlines those servers and procedures most likely to be used by the computers on your local network: DHCP servers, Kerberos, Samba, time servers, and network backups, among others. Part III covers Internet servers: DNS, SMTP (sendmail, Postfix, and Exim), Apache, and FTP servers. Part IV examines network security, exploring such topics as using a chroot jail, iptables configuration, and VPNs. Wherever pertinent, the author addresses the differences between Caldera OpenLinux, Debian GNU/Linux, Mandrake, Red Hat, Slackware, SuSE, and TurboLinux. Specific topics covered include:Configuring small but potentially important servers quickly and easilyOptimizing Linux network operationUsing advanced system features effectivelyUsing systems and software in alternative ways to reach your goalsAvoiding possible damage to your system and violations of ISP policiesSecuring your systemAdvanced Linux Networking is the single-volume tutorial and reference for Linuxnetworking that will help you achieve expert status. |
|
|
Automating Linux and Unix System Administration $39.99 Whether you need a network of ten Linux PCs and a server or a data center with a few thousand UNIX nodes, you need to know how to automate much of the installation, configuration, and standard system administration.Build your network once using cfengine, and the network build will work, without user intervention, on any hardware you prefer. Automating Linux and Unix System Administration, Second Edition is unique in its focus on how to make the system administrator’s job easier and more efficient: instead of just managing the system administrator’s time, the book explains the technology to automate repetitive tasks and the methodology to automate successfully. Both new and seasoned professionals will profit from industry–leading insights into the automation process. System administrators will attain a thorough grasp of cfengine, kickstart, and shell scripting for automation. After reading all chapters and following all exercises in this book, the reader will be able to set up anything from a Linux data center to a small office network. What you’ll learnSee how to make changes on many UNIX and Linux hosts at once in a reliable and repeatable manner. Learn how to automate things correctly so you only have to do it once, by leveraging the authors’ experience in setting up small, medium, and large networks. Set up a Linux data center or a network correctly. Explore handling real–world environments where not all hosts are configured alike via a case study of a fictional new data center build-out. Examine real–world examples for core infrastructure services (DNS, mail, monitoring, log analysis, security, cfengine, imaging) to build on in your environment. Understand core system administration best practices, which are a key part of how cfengine and automations deployments are outlined in the book. Learn |
|
|
Avaya Employees: Dan Kaminsky, Ryan Frazier, Chandra Kintala, Ravi Sethi, Charles Giancarlo, Don Peterson, Kevin J. Kennedy $9.16 Purchase includes free access to book updates online and a free trial membership in the publisher’s book club where you can select from more than a million books without charge. Not illustrated. Excerpt: Dan Kaminsky is a security researcher and the Chief Scientist for Recursion Ventures. He formerly worked for Cisco , Avaya, and IOActive, where he was the Director of Penetration Testing. He is known among computer security experts for his work on DNS cache poisoning (AKA “The Kaminsky Bug”), and for showing that the Sony Rootkit had infected at least 568,200 computers and for his talks at the Black Hat Briefings. In June of 2010, Dan released Interpolique, a beta framework for addressing injection attacks such as SQL Injection and Cross Site Scripting in a manner comfortable to developers. On June 16, 2010, Dan was named by ICANN as one of the Trusted Community Representatives for the DNSSEC root. During the Sony BMG CD copy protection scandal, Kaminsky used DNS cache snooping to find out whether or not servers had recently contacted any of the domains accessed by the Sony rootkit. He used this technique to estimate that there were at least 568,200 networks that had computers with the rootkit. In April 2008 Kaminsky realized a growing practice among ISPs potentially represented a security vulnerability. Various ISPs have experimented with intercepting return messages of non-existent domain names and replacing them with advertising content. This could allow hackers to set up phishing schemes by attacking the server responsible for the advertisements and linking to non-existent subdomains of the targeted websites. Kaminsky demonstrated this process by setting up Rickrolls on Facebook and PayPal. While the vulnerability used initially depended in part that Earthlink was using BareFruit to provide its advertising, Kaminsky was able to generalize the vulnerability to attack Verizon by attacking its ad provider, Paxfire. Kaminsk… More: |
|
|
D-Link DCS-932 Wireless N Day & Night Home Network Camera $78.1 The DCS-932 is a unique and versatile surveillance solution for your home or small office. Unlike a traditional webcam, this camera is a complete system with a built-in CPU and web server that transmits high quality video images and audio for security, surveillance, and remote monitoring. Simple installation and an intuitive web based interface offer easy integration with your Ethernet or 802.11n wireless network. The DCS-932 also comes with remote monitoring, motion detection, and night vision for a complete and cost-effective home security solution. This network camera includes 802.11n wireless for fast and easy integration into your existing network environment. Wireless N allows you to stream high-quality video to remote sites over the Internet. A Site Survey feature also allows you to view and connect to nearby wireless networks with ease. It also includes a standard Ethernet port for connections to traditional wired networks. This Wireless N camera comes with built-in infrared LEDs that allow for continuous monitoring even in complete darkness. The 5-metre illumination distance makes it suitable for small offices, baby rooms, sheds and garages. This network camera supports the Universal Plug-n-Play feature, which allows computers running on Windows XP/Vista/7 to automatically recognise the camera and add it to the network. Sign up with one of the free Dynamic DNS services available on the web to assign a name and domain to the camera (e.g. mycamera.dlinkddns.com), and remotely access the camera without having to remember the IP address. You may also view up to 32 cameras from a central location using the included free D-ViewCam software (DCS-100). D-ViewCam has a robust set of features including automated e-mail alerts which can instantly inform users of suspicious or unusual activities. |
|
|
D-Link DNS-343 4-Bay Network Storage Enclosure $290.22 The D-Link 4-Bay Network Storage Enclosure (DNS-343) is the perfect way to store, share, and safeguard your documents, music, videos, and photos. With the D-Link tool-less installation, you can easily insert up to 4 SATA drives1 without any tools or attaching any cables. Plus, the DNS-343 is a scalable solution, allowing you to start off with one SATA Hard Drive (HDD) and add up to 3 more as you grow. By supporting RAID 0, 1, 5, and JBOD, the DNS-343 gives you a variety of data protection options to help avoid data loss due to hard drive failure. RAID 0 combines all drives in a ‘striped’ configuration, splitting data evenly across the hard drives to provide the highest performance. RAID 1 causes two drives to mirror each other, providing maximum protection. If there are four drives present, you can set up two separate RAID 1 partitions. If one drive fails, the unaffected drive in the partition will continue to operate normally. Once you replace the failed drive, RAID 1 mirroring will resume and both drives will mirror each other again. Advanced RAID 5 offers the highest performance with the most reliable data recovery in the case of a drive failure. RAID 5 technology uses a clever algorithm to distribute your data over 4 SATA Hard Drives and, in the case of a hard drive failure, the DNS-343 will continue to function with your data intact. With the included Memeo software, you can create schedules and rules including real-time full or incremental backups and storage quotas for specific users and groups. Using Memeo backup software, you can automatically back up your data onto the DNS-343, creating a failsafe protection solution from accidental data loss on your PC. The 4-Bay Network Storage Enclosure features an OLED to display important information including IP address, hard drive statistics, temperature, RAID status, and server status (FTP and UPnP). The USB port can act as a print server port, allowing a USB printer to be added to your network without the need |
|
|
D-Link DNS-343 4-Bay Network Storage Enclosure $519.99 The D-Link 4-Bay Network Storage Enclosure (DNS-343) is the perfect way to store, share, and safeguard your documents, music, videos, and photos. With the D-Link tool-less installation, you can easily insert up to 4 SATA drives1 without any tools or attaching any cables. Plus, the DNS-343 is a scalable solution, allowing you to start off with one SATA hard disk drive (HDD) and add up to 3 more as you grow. By supporting RAID 0, 1, 5, and JBOD, the DNS-343 gives you a variety of data protection options to help avoid data loss due to hard drive failure. RAID 0 combines all drives in a striped configuration, splitting data evenly across the hard drives to provide the highest performance. RAID 1 causes two drives to mirror each other, providing maximum protection. If there are four drives present, you can set up two separate RAID 1 partitions. If one drive fails, the unaffected drive in the partition will continue to operate normally. Once you replace the failed drive, RAID 1 mirroring will resume and both drives will mirror each other again. Advanced RAID 5 offers the highest performance with the most reliable data recovery in the case of a drive failure. RAID 5 technology uses a clever algorithm to distribute your data over 4 SATA hard disk drives and, in the case of a hard drive failure, the DNS-343 will continue to function with your data intact. With the included Memeo software, you can create schedules and rules including real-time full or incremental backups and storage quotas for specific users and groups. Using Memeo backup software, you can automatically back up your data onto the DNS-343, creating a failsafe protection solution from accidental data loss on your PC. The 4-Bay Network Storage Enclosure features an OLED to display important information including IP address, hard drive statistics, temperature, RAID status, and server status (FTP and UPnP). The USB port can act as a print server port, allowing a USB printer |
|
|
D-Link DNS-343 4-Bay Network Storage Enclosure $519.99 The D-Link 4-Bay Network Storage Enclosure (DNS-343) is the perfect way to store, share, and safeguard your documents, music, videos, and photos. With the D-Link tool-less installation, you can easily insert up to 4 SATA drives1 without any tools or attaching any cables. Plus, the DNS-343 is a scalable solution, allowing you to start off with one SATA hard disk drive (HDD) and add up to 3 more as you grow. By supporting RAID 0, 1, 5, and JBOD, the DNS-343 gives you a variety of data protection options to help avoid data loss due to hard drive failure. RAID 0 combines all drives in a striped configuration, splitting data evenly across the hard drives to provide the highest performance. RAID 1 causes two drives to mirror each other, providing maximum protection. If there are four drives present, you can set up two separate RAID 1 partitions. If one drive fails, the unaffected drive in the partition will continue to operate normally. Once you replace the failed drive, RAID 1 mirroring will resume and both drives will mirror each other again. Advanced RAID 5 offers the highest performance with the most reliable data recovery in the case of a drive failure. RAID 5 technology uses a clever algorithm to distribute your data over 4 SATA hard disk drives and, in the case of a hard drive failure, the DNS-343 will continue to function with your data intact. With the included Memeo software, you can create schedules and rules including real-time full or incremental backups and storage quotas for specific users and groups. Using Memeo backup software, you can automatically back up your data onto the DNS-343, creating a failsafe protection solution from accidental data loss on your PC. The 4-Bay Network Storage Enclosure features an OLED to display important information including IP address, hard drive statistics, temperature, RAID status, and server status (FTP and UPnP). The USB port can act as a print server port, allowing a USB printer |
|
|
D-Link DNS-343 4-Bay Network Storage Enclosure (No Drives Included) $444.99 The D-Link(r) 4-Bay Network Storage Enclosure (DNS-343) is the perfect way to store, share, and safeguard your documents, music, videos, and photos. With the D-Link tool-less installation, you can easily insert up to 4 SATA drives1 without any tools or attaching any cables. Plus, the DNS-343 is a scalable solution, allowing you to start off with one SATA hard disk drive (HDD) and add up to 3 more as you grow. PROTECTION, PERFORMANCE AND FLEXIBILITY By supporting RAID 0, 1, 5, and JBOD, the DNS-343 gives you a variety of data protection options to help avoid data loss due to hard drive failure. RAID 0 combines all drives in a ‘striped’ configuration, splitting data evenly across the hard drives to provide the highest performance. RAID 1 causes two drives to mirror each other, providing maximum protection. If there are four drives present, you can set up two separate RAID 1 partitions. If one drive fails, the unaffected drive in the partition will continue to operate normally. Once you replace the failed drive, RAID 1 mirroring will resume and both drives will mirror each other again. Advanced RAID 5 offers the highest performance with the most reliable data recovery in the case of a drive failure. RAID 5 technology uses a clever algorithm to distribute your data over 4 SATA hard disk drives and, in the case of a hard drive failure, the DNS-343 will continue to function with your data intact. SIMPLIFIED MANAGEMENT With the included backup software, you can create schedules and rules including real-time full or incremental backups and storage quotas for specific users and groups. Using backup software, you can automatically back up your data onto the DNS-343, creating a failsafe protection solution from accidental data loss on your PC. The 4-Bay Network Storage Enclosure features an OLED to display important information including IP address, hard drive statistics, temperature, RAID status, and server status (FTP and UPnP(tm)). USB PORT FUNCTIONALITY The USB port can… |
|
|
D-Link NAS 2TB 4-Bay SATA Enclosure $534.99 The D-Link(r) 4-Bay Network Storage Enclosure (DNS-343) is the perfect way to store, share, and safeguard your documents, music, videos, and photos. With the D-Link tool-less installation, you can easily insert up to 4 SATA drives1 without any tools or attaching any cables. Plus, the DNS-343 is a scalable solution, allowing you to start off with one SATA hard disk drive (HDD) and add up to 3 more as you grow. PROTECTION, PERFORMANCE AND FLEXIBILITY By supporting RAID 0, 1, 5, and JBOD, the DNS-343 gives you a variety of data protection options to help avoid data loss due to hard drive failure. RAID 0 combines all drives in a ‘striped’ configuration, splitting data evenly across the hard drives to provide the highest performance. RAID 1 causes two drives to mirror each other, providing maximum protection. If there are four drives present, you can set up two separate RAID 1 partitions. If one drive fails, the unaffected drive in the partition will continue to operate normally. Once you replace the failed drive, RAID 1 mirroring will resume and both drives will mirror each other again. Advanced RAID 5 offers the highest performance with the most reliable data recovery in the case of a drive failure. RAID 5 technology uses a clever algorithm to distribute your data over 4 SATA hard disk drives and, in the case of a hard drive failure, the DNS-343 will continue to function with your data intact. Learn more about D-Link Green Technology SIMPLIFIED MANAGEMENT With the included backup software, you can create schedules and rules including real-time full or incremental backups and storage quotas for specific users and groups. Using backup software, you can automatically back up your data onto the DNS-343, creating a failsafe protection solution from accidental data loss on your PC. The 4-Bay Network Storage Enclosure features an OLED to display important information including IP address, hard drive statistics, temperature, RAID status, and server status (FTP and UPnP(tm))… |
|
|
Edimax BR-6641 Load Balancing Router $349.01 Auto Load Balancing (Inbound/Outbound) With real-time load sharing and load balancing, BR-6641 intelligent routing engine directs each session or connection to the best available link. It also supports policy-based routing, persistent routing, and traffic scheduling to effectively translate your business policy into your network policy. It enables MIS staffs to schedule and arrange each user’s connections and usage inline with company policy Trunk multi WAN links BR-6641 can aggregate multiple connections and increases bandwidth by trunking various types of connection (Leased-line, xDSL, and Cable Modem) to form a single virtual WAN trunk. WAN Outbound Fault Tolerance BR-6641 Provides 4 WAN ports for internet connection . The function provides you not only increase bandwidth but also backup internet connection each other. Whenever a link fails or is unstable, traffic is automatically re-routed to other healthy and available links to ensure uninterrupted connectivity. After the faulty link resumes functioning, on-line traffic is redistributed across all available connections to optimize the network performance. Multi-Homing (Inbound Fault Tolerance) Multi-homing provides a safeguard against failures in WAN links. Requests to the internal servers (e.g. WWW server) will be dispatched evenly on every live WAN link. If one of them fails, the internal servers can still be reached via other live links. . Bandwidth Management BR-6641 provides QoS towards both inbound and outbound traffic. You can set up to manage the traffic limit for a given TCP/UDP service (e.g. HTTP, FTP). This feature helps you allocate available bandwidth for each type of service and maximize the efficiency of your network. Fea ture WAN Type: Static IP , PPPoE , PPTP and DHCP Supports NAT and Static routing table Multi-Homing: 1. Fault tolerance (fail over / fail back) 2. Multiple domains 3. Multiple DNS per Domain 4. CNAME Record Outbound Load balance: 1. By traffic weight 2. By sour |
|
|
Edimax Outdoor IP Camera w/ Night Vision $189.95 Features Accesses the camera easily from Internet through the utility without DDNS setting Supports 3GPP/ISMA Dual video streaming for PCs and mobile devices with separate frame rate/resolution/bandwidth settings. IR LED control includes support automatic, manual and scheduled modes. Supports enhanced MPEG-4 compression Supports resolution of up to 640×480 pixels at 30 fps Supports Motion Detection and E-mail/FTP notification Built-in Web server for managing via standard web browser Able to trigger the email/ftp sending in the scheduled time period when the video motion is detected Integrates NAS as a NVR Supports Watchdog based on hardware timing device that triggers the IP Cam resets if the main program hangs The IC-9000 is designed with the “user-friendly” concept. You can install the IP Camera easily on your home network and then access the IP Camera anywhere in the world with the video management utility. No need to set complicated DNS name or change the router’s configuration. It’s just a plug & play. With video management utility and 3GPP/ISMA support, the IC-9000 allows you to view the real-time video from the IC-9000 on the most 3G mobile phones* anywhere and anytime without fixed IP address setting. With the low light sensitive sensor and IR LEDs inside the IP66-rated water proof housing, the IC-9000 can satisfy all security and indoor/outdoor surveillance needs even in the dim environment or bad weather condition. Besides, with the automatic ICR (IR Cutter Remover), the infrared light is filtered out during the day time and is allowed to pass during the night time. This ensures the video colour quality is excellent compared with other IP cameras. For outdoor surveillance and remote monitoring, the IC-9000 provides the best image quality in its class, and excellent performance. Its efficient bandwidth management offers 640×480 resolution, 30 fps frame rate, real MPEG4 image compression ability. The IC-9000 provides motion detection f |
|
|
Fedora 11 and Red Hat Enterprise Linux Bible $0.01 Get tomorrow’s Linux technology today in Fedora 11Fedora is the best cutting-edge Linux operating system available. Install it on your own desktop or personal server and you’ll have your hands on the latest Linux technology. Learn to use it today and you’ll be ready for upcoming enterprise Linux systems when they arrive. Install, configure, and use Fedora as anything from a desktop to an Internet server. Use this book as a guide to installing or running Fedora from the included DVD and Live CD.Set up Fedora or Red Hat Enterprise Linux to:Create encrypted file systems, use lightweight desktops, and try online games with new features in FedoraNavigate your computer with GNOME®, KDE®, Xfce, or Sugar (One Laptop Per Child) DesktopsManage and use documents, spreadsheets, presentations, music, and imagesConnect easily to your network with NetworkManagerDraw from massive online Fedora and third-party software repositoriesBuild an Internet server with e-mail, Web, DNS, FTP, and database servicesWhat’s on the DVD and CD-ROM?Official Fedora 11 install DVDOfficial Fedora 11 GNOME desktop live/install CDSystem Requirements: Please see the Preface and Appendix A for details and complete system requirements.New in Fedora 11Ext4 file systemsRPM 4.6Cortado streaming videoImproved webcam supportConnection sharing with NetworkManagerBetter printer supportGraphical administration tools make configuration easySpin, wobble, or twist with desktop effectsChoose from hundreds of desktop and online games |
|
|
Fedora 7 and Red Hat Enterprise Linux Bible $0.05 For a home desktop or a business server, here’s all the Linux you need Fedora 7 contains thousands of the latest Linux software projects. The Fedora 7 merge of Fedora Core and Extras software on our special DVD means that you get the most complete Fedora installation set available. The included Fedora 7 desktop live CD can be run live, and then installed to your hard disk. In all, you get the latest Linux desktop, server, and systems administration software and instruction, so you can learn skills that scale up to professional, commercial-quality Linux systems.Configure Fedora or Red Hat Enterprise Linux to: Explore your computer or the Internet from GNOME® and KDE® desktopsManage and use documents, spreadsheets, presentations, music, and imagesDraw from online software repositories with Package Manager and Package UpdaterBuild an Internet server with e-mail, Web, DNS, FTP, and database servicesSecure your computer with firewalls, password protection, and SELinuxTry out cutting edge Fedora 7 features:Boot up the first official Fedora 7 desktop live CD to try before you installPlay with the latest 3D-desktop technology with AIGLX and CompizRun virtualized versions of Fedora on your desktop, using KVM and QEMUWhat’s on the DVD and CD-ROM?Install complete Fedora 7 (8GB) from DVD Boot Fedora 7 desktop live CD, and then install its contents to your hard driveOpen for more!Play with 3D animation and applets on the desktopFind ten cool things to do with FedoraRun a Fedora 7 quick installSystem Requirements: Please see the Preface and Appendix A for details and complete system requirements.Engage 3D acceleration and play with desktop appletsNavigating your Fedora desktop has more bling when you enable 3D-hardware |
