Home :: Content

DNS Server Software Security Upgrade


ASU DNS Forwarders.jpg
Quick View
Summary: 

Modify current DNS infrastructure to mitigate a cache poisoning security vulunablility of Bind 8.

Start Date: 
July 8, 2008
Go Live: 
January 7, 2009
End Date: 
January 14, 2009
Stage: 
Recently Released - Completed in last 3 months.
People
Sponsor/Champion: 
Adrian Sannier, Vice President and University Technology Officer
Project Manager: 
Greg Wilson
Contact for more information: 
Greg.Wilson@ASU.EDU
Associate VP University Technology: 
Bob Nelson
University Technology Director: 
Jack Hsu
More Info
Source: 
Internal
Priority: 
Needs Prioritization
Scope: 

Add two new DNS servers, running bind 9.5.0-p2, as forwarder that all existing DNS servers will point to.

 

 

All Milestones and Schedule: 
  • CIRT notification of Security Issue - July 7th 2009 - Complete
  • Contact DNS server vendor for patches - July 2008 - Complete
  • Initial investigation and testing shown that patches are not compatible with our environment. - Complete
  • Develop new plan to mitigate the security risk by using Bind 9 DNS forwarder - completed
  • budget impact - two new DNS servers.
  • Obtain servers. - Complete
  • Setup and test forwarders. - Complete
  • Production roll out. - Completed on 9/7/2009
Deliverables: 
  • Secured DNS enviroment.
  • Improved DNS service during internet outage.
Syndicate content