This article analysis DNS security flaws and the best ways to address these challenges. DNS (the domain naming system) is the basis of the internet that allows for the translation of website names into IP addresses and vice-versa. DNS, however, suffers from security vulnerabilities such as DNS Open Resolver attacks, DDoS (denial of service) attacks, cache poisoning attacks, resource utilizing attacks, DNS ID hacking, and DNS change malware attacks. The article goes into depth to describe each of these attacks and offers a potential solution to help secure DNS. The article focuses on securing DNS’s data integrity and availability and does this through a proposition to incorporate DNSSEC with Bind DNS software which addresses both these issues as it helps establish a change of trust through the DNS system through the use of digitally signing data and distributing private and public keys.
