Pulse of Truth

2342 readers

15 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth@infosec.pub

NIST updates its DNS security guidance for the first time in over a decade (www.helpnetsecurity.com)

submitted 1 day ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

1 comments fedilink hide all child comments

DNS infrastructure underpins nearly every network connection an organization makes, yet security configurations for it have gone largely unrevised at the federal guidance level for more than twelve years. NIST published SP 800-81r3, the Secure Domain Name System Deployment Guide, superseding a version that dates to 2013. The document covers three main areas: using DNS as an active security control, securing the DNS protocol itself, and protecting the servers and infrastructure that run DNS services. … More → The post NIST updates its DNS security guidance for the first time in over a decade appeared first on Help Net Security.

you are viewing a single comment's thread
view the rest of the comments

[–] mrnobody@reddthat.com 2 points 1 day ago

I always try to be proactive and not reactive, but DNS standards have always been lackluster. Use DNSSEC on anything you host and DoH (DNS over https) or DoT (dns over TLS) wherever possible on the OS or browser.

Get off Google DNS (for privacy) and Cloudflare, and use Quad9 (they offer several) or dns.watch!

If you is a pihole, is easy to toggle on dnssec, and your Firefox-based browser is pretty straightforward too.