What is DNS?
To access Internet resources by user-friendly domain names rather than IP addresses, users need a system that translates these domain names to IP addresses and back. This translation is the primary task of an engine called the Domain Name Server (DNS). (Source)
Attackers are using DNS to redirect traffic to malicious sites, steal data, and conduct attacks that can bring business to a standstill.
This article from A10 discusses how DNS works, why DNS DDoS resilience is critical, how DNS DDoS attacks are delivered, how companies can defend against DDoS attacks and how companies can defend against DNS attacks. This guide provides information on how to protect your Amazon AWS domain by configuring DNSSEC protocol. This article from Citrix discusses how to flush negative records, restrict the time to live (TTL) of negative records, preserve Citrix ADC memory by limiting the memory consumed by the DNS cache, retain DNS records in the cache, and enable DNS cache bypass. This article from Cloudflare gives a high level overview of DNS filtering. Top ten dangerous DNS attack types and how to mitigate them This article from Microsoft gives an overview of some ways of protecting your DNS using security appliances in Azure. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU GPL. This guidance from CISA applies to organizations whose networks have been compromised by a cyber attack as well as to those desiring to improve their network security preparedness to respond to a cyber incident.
This document provides assessment guidance for Level 1 of the Cybersecurity Maturity Model Certification (CMMC). This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 3 and Level 2. This Handbook provides a step-by-step guide to assessing a small manufacturer’s information systems against the security requirements in NIST SP 800-171 rev 1. The purpose of this publication is to provide procedures for assessing the CUI requirements in NIST Special Publication 800-171.