Get the SPIRIT of TOMORROW !!! ..... LINUX
   Navigation
  About us
  Enquiry
  Search
  Contact Us
  Site Map
 
 

Bind Security: Transaction Signatures (TSIG) Configuration

Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication (usually between master and slave server, but can be extended for dynamic updates as well). TSIG can protect the following type of transactions between two DNS servers:

 

  • Zone transfer
  • Notify
  • Dynamic updates
  • Recursive query messages etc.

TSIG is available for BIND v8.2 and above. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages. TSIG is easy and lightweight for resolvers and named.

How it works?

  • Each name server adds a TSIG record the data section of a dns server-to-server queries and message.
  • The TSIG record signs the DNS message, proving that the message's sender had a cryptographic key shared with the receiver and that the message wasn't modified after it left the sender.
  • TSIG uses a one-way hash function to provide authentication and data integrity.

--> Read More

 

Linux News

 Microsoft Deal: Red Hat Quietly Jabs Novell, Feb. 20th, 2009 by The     VAR Guy: When Red Hat and Microsoft announced a virtualization     partnership on February 16, both companies directed most of their     messaging to customers. Now, Red Hat is back — promoting the Microsoft     relationship to channel partners, and taking a thinly veiled shot at Novell. In     a February 18 blog post, Red Hat says the Microsoft deal will deliver a     “bigger opportunity for channel partners.” Sure, the blog entry contains          some marketing hype. But let’s give Red Hat (and Microsoft…) some credit     here: The duo signed a partnership that serves customers and partners —     without spinning up any patent controversy along the way. According to the Red Hat blog post:
    "Both companies signed straightforward certification and validation agreements indicating that we     would join the other’s virtualization validation/certification program, which means ultimately our     customers and partners win"... --> Complete Story

 Wireless security - how secure is your data?: Jan 27, 2009, 19 :03 UTC
    "What if I don't have a choice and need to use an unsecured hotspot? What can I do?!?!?!?!

    "This is the number one question. I left it at the end because the other questions build a good     foundation as to why you need to do this.

     "VPN - if you must do work through an unsecured wireless access point then a VPN is the most      secure way to go by far. A VPN allows you to tunnel all your traffic through it and it encrypts      everything along the way until the server you initiated the VPN with gets the data and then      decrypts it. The assumption is that the most insecure transmission occurs before reaching the VPN      server, at which time there is no need for it be encrypted anymore (this is a very simplified      breakdown of VPNs). If you are a casual user and don't have a work VPN but want everything to      be secure then you can sign up for services such as hotspot-vpn which allows you to vpn into their      servers. Many other companies offer services for a relatively cheap price." --> Complete Story

 MySQL Enterprise Server: MySQL Enterprise Server software is the most reliable, secure and
    up-to-date version of MySQL for cost-effectively delivering E-commerce, Online Transaction
    Processing (OLTP), and multi-terabyte Data Warehousing applications. It is a fully integrated
    transaction-safe, ACID compliant database with full commit, rollback, crash recovery and row level
    locking capabilities. MySQL delivers the ease of use, scalability, and performance that has made
    MySQL the world's most popular open source database...-->Read More
 
Copyright © sadacnet.com