Difference between revisions of "DNSSEC"

From ArchWiki
Jump to: navigation, search
(added lots of links to HOWTOs + BIND to software)
(added descriptions)
Line 1: Line 1:
{{stub}}[[Category:Networking (English)]][[Category:Security (English)]]
+
{{stub}}[[Category:Networking (English)]][[Category:Security (English)]][[Category:Cryptography (English)]]
  
  
Line 47: Line 47:
 
https://www.dnssec-tools.org/wiki/index.php/DNSSEC_Applications
 
https://www.dnssec-tools.org/wiki/index.php/DNSSEC_Applications
  
=== [[OpenSSH]] ===
+
=== [[OpenSSH]] (fixes only weak point in SSH design) ===
 
* dnssec-tools + patch: https://www.dnssec-tools.org/wiki/index.php/Ssh
 
* dnssec-tools + patch: https://www.dnssec-tools.org/wiki/index.php/Ssh
 
** http://www.dnssec-tools.org/readme/README.ssh
 
** http://www.dnssec-tools.org/readme/README.ssh
Line 55: Line 55:
 
** usage: '''alias ssh=ssh-dnssec'''
 
** usage: '''alias ssh=ssh-dnssec'''
  
=== [[Firefox]] ===
+
=== [[Firefox]] (secure browsing - enchancment of HTTPS) ===
 
* DNSSEC Validator plugin https://addons.mozilla.org/en-US/firefox/addon/64247/
 
* DNSSEC Validator plugin https://addons.mozilla.org/en-US/firefox/addon/64247/
 
* DNSSEC Drill plugin http://nlnetlabs.nl/projects/drill/drill_extension.html
 
* DNSSEC Drill plugin http://nlnetlabs.nl/projects/drill/drill_extension.html
Line 67: Line 67:
 
** http://www.bind9.net/BIND-FAQ
 
** http://www.bind9.net/BIND-FAQ
 
* http://blog.techscrawl.com/2009/01/13/enabling-dnssec-on-bind/
 
* http://blog.techscrawl.com/2009/01/13/enabling-dnssec-on-bind/
* [[DNS with bind]]
 
  
 
=== [[Postfix]] (fight spam and frauds) ===
 
=== [[Postfix]] (fight spam and frauds) ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch
=== [[jabberd]] ===
+
=== [[jabberd]] (fight spam and frauds) ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch
=== [[Thunderbird]] ===
+
=== [[Thunderbird]] (secure logins) ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch
=== [[lftp]] ===
+
=== [[lftp]] (secure downloads and logins) ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch
=== [[wget]] ===
+
=== [[wget]] (secure downloads) ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch
 
=== [[proftpd]] ===
 
=== [[proftpd]] ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch
=== [[Sendmail]] ===
+
=== [[Sendmail]] (fight spam and frauds) ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch
 
=== [[LibSPF]] ===
 
=== [[LibSPF]] ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch
=== [[ncftp]] ===
+
=== [[ncftp]] (secure downloads and logins) ===
 
* dnssec-tools + patch
 
* dnssec-tools + patch

Revision as of 22:02, 31 July 2010

Tango-document-new.pngThis article is a stub.Tango-document-new.png

Notes: please use the first argument of the template to provide more detailed indications. (Discuss in Talk:DNSSEC#)


Facts


DNSSEC Packages


Howto enable DNSSEC in specific software

https://www.dnssec-tools.org/wiki/index.php/DNSSEC_Applications

OpenSSH (fixes only weak point in SSH design)

Firefox (secure browsing - enchancment of HTTPS)

Bind (serving signed DNS zones)

Postfix (fight spam and frauds)

  • dnssec-tools + patch

jabberd (fight spam and frauds)

  • dnssec-tools + patch

Thunderbird (secure logins)

  • dnssec-tools + patch

lftp (secure downloads and logins)

  • dnssec-tools + patch

wget (secure downloads)

  • dnssec-tools + patch

proftpd

  • dnssec-tools + patch

Sendmail (fight spam and frauds)

  • dnssec-tools + patch

LibSPF

  • dnssec-tools + patch

ncftp (secure downloads and logins)

  • dnssec-tools + patch