Securing network services
It is a common requirement for enterprises to provide and leverage Internet services such as DNS, e-mail, and file transfer. How the services are used and properly integrated into the enterprise network infrastructure remains a constant challenge for enterprises in addition to implementing security. The latest malware threats utilize these common services in order to redirect internal hosts to Internet destinations under the control of the malware writers. In a network with correctly implemented architecture, this scenario would mostly be a mute point, and with additional security mechanisms, a rare occurrence.
DNS
Domain Name Service (DNS) is in my opinion one of the greatest inventions, saving all of us from memorizing 32-bit and soon 128-bit IP addressing to browse to our favorite Internet websites. DNS provides a mapping of an IP address to a fully qualified domain name, an example is www.google.com, at IP address 173.194.75.106, one of the many web servers that...
