Jump to content

Recommended Posts

Posted (edited)

DNSSEC basically is used to prevent someone from putting up a DNS server with fake records pointing users that use that resolver to a server different than yours. 

This matters for banks and major sites that handle high volumes of commerce… but in practical/real life terms, it’s super unlikely to happen. It would be isolated (say a hotel network compromised and routing traffic to fake sites) and in most cases would be targeting sites that are more commonly used.

It does not protect the domain itself and does not prevent things like DNS highjacking or someone trying to port your domain without permission. 

I don’t say this to minimize implementation of a security feature, but instead to help folks realize that should it not be available that there is not a huge hole out there putting you at risk.  I have a better chance at winning the Powerball than seeing my site attacked successfully in this manner. But yes, it’s technically possible for it to occur!  

Edited by Randy Calvert
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...