Open Access
Subscription Access
DNS伺服器對於網際網路正常運作有著相當重要的存在,以往相關研究在探討DNS安全時,焦點最常放置於DNS系統設計上的漏洞與缺失,在重視系統漏洞補強的同時,常忽略了DNS設定上的缺失及失效問題,亦是造成惡意攻擊者蒐集資料甚至是利用該缺失進行攻擊的另一管道。本研究預計提出以Web為介面之主動式DNS網域設定檢測機制,透過自動化的檢測環境達到檢測遠端主機設定是否正確並提出問題環節,協助使用者修正其設定問題,並與Twnic之DNS主機安全檢測機制相互搭配,建構一套完整的DNS安全環境檢測機制,改善台灣區DNS安全問題。Recently, along with Internet's rapid growth in user population and utilization, there are increasing incidences of attacks and intrusions which make this virtual space an insecure channel for communication and data exchange. DNS, as part of the fundamental network infrastructure, has a great influence on Internet security. Most DNS security related studies focused more on DNS implementation flaws and neglected inappropriate DNS setting as one of an important consideration. Therefore, the purpose of this research is to discuss DNS security problem from the aspect of mis-configuration. Also, a web-based DNS configuration assessment system will be developed based on the finding and current available technologies, to provide users an efficient and convenient way to evaluate DNS security. Finally, as part of the proposed solution, we also incorporate TWNIC DNS server security system into our system.
DNS伺服器對於網際網路正常運作有著相當重要的存在,以往相關研究在探討DNS安全時,焦點最常放置於DNS系統設計上的漏洞與缺失,在重視系統漏洞補強的同時,常忽略了DNS設定上的缺失及失效問題,亦是造成惡意攻擊者蒐集資料甚至是利用該缺失進行攻擊的另一管道。本研究預計提出以Web為介面之主動式DNS網域設定檢測機制,透過自動化的檢測環境達到檢測遠端主機設定是否正確並提出問題環節,協助使用者修正其設定問題,並與Twnic之DNS主機安全檢測機制相互搭配,建構一套完整的DNS安全環境檢測機制,改善台灣區DNS安全問題。Recently, along with Internet's rapid growth in user population and utilization, there are increasing incidences of attacks and intrusions which make this virtual space an insecure channel for communication and data exchange. DNS, as part of the fundamental network infrastructure, has a great influence on Internet security. Most DNS security related studies focused more on DNS implementation flaws and neglected inappropriate DNS setting as one of an important consideration. Therefore, the purpose of this research is to discuss DNS security problem from the aspect of mis-configuration. Also, a web-based DNS configuration assessment system will be developed based on the finding and current available technologies, to provide users an efficient and convenient way to evaluate DNS security. Finally, as part of the proposed solution, we also incorporate TWNIC DNS server security system into our system.
網際綱路; DNS; 網路安全; 網域檢測; 入侵攻擊; Internet; DNS; Internet Security; domain assessment; incident of attack
Citation Format:
沈志昌(Chih-Chang Shen), 古東明(Tung-Ming Koo), 楊禎葆(Chen-Pao Yang), 鄭進興(Jinn-Shing Chang), "主動式DNS網域安全設定檢測機制," Journal of Internet Technology, vol. 6, no. 2 , pp. 165-171, Apr. 2005.
沈志昌(Chih-Chang Shen), 古東明(Tung-Ming Koo), 楊禎葆(Chen-Pao Yang), 鄭進興(Jinn-Shing Chang), "主動式DNS網域安全設定檢測機制," Journal of Internet Technology, vol. 6, no. 2 , pp. 165-171, Apr. 2005.
Full Text:
- There are currently no refbacks.
Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Office of Library and Information Services, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 974301, Taiwan, R.O.C.
Tel: +886-3-931-7314 E-mail: