"stealth master" DNS Security

Chris Dew cmsdew at googlemail.com
Wed Mar 25 11:46:00 UTC 2009


So you want to store data on the slaves which will not be accessible
to an attacker who has root privileges on the same slave?

This looks difficult.

One possibility is to replace BIND's operations on the slave's zone
file (the loading and saving of data) with a hack to BIND which stores
the data in a process-specific buffer (instead of a file), perhaps
with simple symmetric encryption.  The zone data would be lost on
reboot, but it would be non-trivial for a root-privileged hacker to
read the data without reverse-engineering the BIND hack.

Less exotically, it could just run a simple encryption scheme and
store the data as the originally-specified filename.  This may be more
useful if zones are huge in size or number.

All the best,

Chris.

http://www.finalcog.com

2009/3/25 Ram Akuka <ramakuka at gmail.com>:
> Thanks Chris,
> but encrypting the file system won't do the work here.
> I agree that storing the key and the encrypted data on the same
> machine is useless in security terms. That's why I'm looking for a
> built-in solution.
> Is there any way the slave server can save the zone in a format
> different than clear text?
>
> Thanks
>
> --
> Ram
>
> On Wed, Mar 25, 2009 at 12:17 PM, Chris Dew <cmsdew at googlemail.com> wrote:
>> You could use eCryptfs for the location of the zone data - it
>> would require a passphrase when BIND starts up on the slave - this
>> could cause trouble if the slave crashes.
>>
>> In general there is NO way of having encrypted data on a machine AND
>> having the keys on that same machine AND making it 100% secure.
>>
>> Regards,
>>
>> Chris
>>
>> http://www.finalcog.com
>>
>>
>> 2009/3/25 Ram Akuka <ramakuka at gmail.com>
>>>
>>> Hi,
>>> I want to design a DNS system for a secure authoritative server.
>>> I'll use one master server to store the zone data and use the zone
>>> transfer mechanism for the 2 public slave servers (which will be
>>> defined as masters on the internet). That way I'll update and back
>>> up only one server.
>>> I'm using TSIG for secure zone transfers, but I have a few questions.
>>> Is there any way I can encrypt the zone files on the slave server,
>>> so that no one can have access to the actual zone data besides the
>>> master server?
>>> (If, for example, someone hacks into the slave DNS, he won't have the
>>> zone data.)
>>>
>>> Thanks in advance,
>>>
>>>
>>> --
>>> Ram
>>> _______________________________________________
>>> bind-users mailing list
>>> bind-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
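The hidden ("stealth") master topology Ram describes, one non-public master feeding two public slaves over TSIG-signed zone transfers, written out as a pair of named.conf fragments. This is an added example, not configuration posted in the thread; the addresses (192.0.2.0/24 documentation range), zone name, file paths and key name are placeholders, and the TSIG secret must be generated with dnssec-keygen or tsig-keygen rather than typed in. The example does not encrypt the slave's zone file, which the thread concludes cannot be protected from a root attacker on the slave; what it does control is who may pull the zone over AXFR, which is the protection this setup actually provides.

```conf
## --- named.conf on the hidden master (192.0.2.1), constructed example ---

# Shared TSIG key; the same key statement is copied to each slave.
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";   # placeholder: output of tsig-keygen / dnssec-keygen
};

options {
    directory "/var/named";
    recursion no;                          # authoritative only
    notify explicit;                       # NOTIFY only the hosts listed below
    also-notify { 192.0.2.10; 192.0.2.11; };
    allow-transfer { key "xfer-key"; };    # AXFR/IXFR only with a valid TSIG signature
    allow-query { 192.0.2.10; 192.0.2.11; };  # master is not a public resolver target
};

zone "example.com" {
    type master;
    file "example.com.zone";
};

## --- named.conf on each public slave (192.0.2.10 / 192.0.2.11), constructed example ---

key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";   # same placeholder secret as the master
};

# Sign every message sent to the master with the shared key.
server 192.0.2.1 {
    keys { "xfer-key"; };
};

options {
    directory "/var/named";
    recursion no;
    allow-query { any; };                  # the slaves are the servers the world sees
    allow-transfer { none; };              # nobody may pull the zone from the slaves
};

zone "example.com" {
    type slave;
    masters { 192.0.2.1; };
    file "slaves/example.com.zone";        # written in plain text, as the thread discusses
};
```

The NS records in the zone itself should list only the two slaves, so the master never appears in public delegation; with `notify explicit` and `also-notify` the master still pushes updates to them. Current BIND releases also accept `primary`/`secondary` and `primaries` in place of `master`/`slave`/`masters`; the 2009-era spelling is kept here to match the thread.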