DNS Workshop

Wednesday Mar 16, 2011

RIPE E-Learning module 2 - DNS Vulnerabilities and the 'Kaminsky attack'

The RIPE Training team has released a new eLearning course on DNS Vulnerabilities and the 'Kaminsky attack'. The course can be found at http://www.ripe.net/lir-services/training/e-learning/dnssec/dns-vulnerabilities (requires flash).

This new module explains DNS 'man-in-the-middle' attacks as well as the 'Kaminsky style' cache poisoning attacks.

Screenshot of RIPE eLearning course


Dear Carsten,
could you recommend bind10 for productional usage ? Will there already inline-signing (dnssec) be included in 1.1.0 ?
Regards Mathias

Posted by Mathias on November 14, 2013 at 04:14 PM CET #

Hello Mathias,
BIND 10 is ready for production usage, I myself use BIND 10 for this very domain (dnsworkshop.org) as an authoritative server.

However, BIND 10 is not (yet) a replacement for BIND 9. There is much confusion about this, but BIND 10 can be seen as a separate product from BIND 9, not as the "next version" of BIND 9.

So you have to look closely of BIND 10 fullfills your needs for production use.

Posted by Carsten Strotmann on December 17, 2013 at 08:44 PM CET #

Post a Comment:
  • HTML Syntax: Allowed