Information Leakage Through the Domain Name System

Scott W. Rose; Anastase Nakassis; Ramaswamy Chandramouli

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Information Leakage Through the Domain Name System

Published

March 31, 2011

Author(s)

Scott W. Rose, Anastase Nakassis, Ramaswamy Chandramouli

Abstract

The Domain Name System (DNS) is the global lookup service for network resources. It is often the first step in an Internet transaction as well as a network attack. An attacker can query an organization's DNS as reconnaissance before attacking hosts on a particular network. There are different ways a zone administrator can minimize information leakage. This paper describes the risk and examines the protocol and operational options and looks at their advantages and drawbacks.

Citation

OTHER -

NIST Pub Series

Other

Pub Type

NIST Pubs

Download Paper

Local Download

Keywords

DNS, DNSSEC, PII

Information technology and Networking

Citation

Rose, S. , Nakassis, A. and Chandramouli, R. (2011), Information Leakage Through the Domain Name System, Other, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=900237 (Accessed November 21, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created March 31, 2011, Updated February 19, 2017

Information Leakage Through the Domain Name System

Author(s)

Abstract

Download Paper

Keywords

Citation

Additional citation formats

Issues