[nsp-sec] ccTLD Security - What are your top 5 "security" recommendations?
Nick Hilliard
nick at inex.ie
Fri Mar 11 12:12:04 EST 2011
On 11/03/2011 17:01, sthaug at nethelp.no wrote:
> I look at this from a slightly different point of view: You *want* the
> name service for your ccTLD to be distributed, both geographically and
> across different ASes. To do this, you obviously need name servers that
> are distributed correspondingly.
Agreed completely: just look at the recent problems with .ly and .eg.
> Unless your ccTLD organization is big, you're highly unlikely to own all
> the physical facilities yourself. So most likely *somebody* outside the
> ccTLD organization has physical access to some of the servers, and can
> therefore break into them.
Yes. But breaking in takes more effort and involves much more noticeable
disruption to services. It will probably require a reboot, which is much
easier to notice. If you're running your dns server on a VM (some
operators do), it's even more difficult because you can't even reboot to
single user mode, without access to the underlying virtual machine.
> I don't see the big difference between such physical access and having
> third party people with root access running the name servers, given a
> reasonable (legally binding) *contract* between the ccTLD organization
> and the organizations of the third party people with root access. Such
> contracts certainly exist, for instance in the case of the .no ccTLD.
Contracts enforce procedure, which is generally a good thing. But
malicious intent will not be hindered by the existence of a contract.
Nick
More information about the nsp-security
mailing list