DNSSec - Secure DNS
4.3 (86 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
527 students enrolled

DNSSec - Secure DNS

Learn how DNSSec is used to secure and protect DNS
4.3 (86 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
527 students enrolled
Created by Jimmy Larsson
Last updated 1/2020
English
English [Auto]
Current price: $27.99 Original price: $39.99 Discount: 30% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 1 hour on-demand video
  • 2 articles
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Sign their own zone
  • Operate DNSSec-enabled authoritative DNS-server
  • Troubleshoot DNSSec
  • Explain and understand the principles of zone signing.
Requirements
  • A solid understanding of DNS is a must!
Description

DNS is not secure! And DNS is the most important protocol of internet! Learn how to secure DNS with DNSSec!

In this course You will learn how DNSSec works, how to implement DNSSec and how to operate DNSSec-enabled DNS-servers.

By the end of this course You will have a solid understanding of how to secure your domains and zones.

What you will learn:

  • How the signing process works
  • Background about hashing algorithms and digital signatures.
  • Differences between ZSK (zone signing keys) and KSK (key signing keys)
  • How to operate a signed zone in bind.
  • The chain of trust. How Your zone information is secured all the way back to the root zone.

The requirements:

  • You really need to know how DNS works. I expect You to already know about zone files, dig, SOA-records and zone transfers.


Target audiences:

  • Networking engineers who operates their own DNS-servers with bind
  • Security aware people who wants to understand DNSSec
  • CCNA/CCNP students.


Who this course is for:
  • Security engineers who need knowledge of DNSSec
  • Operators of authoritative DNS-servers
  • Networking and security students (CCNA/CCNP)
Course content
Expand all 16 lectures 56:35
+ Introduction - about this course
2 lectures 03:31

The background about DNSSec is explained. Why is it needed?

Preview 02:18

A short welcome message!

Preview 01:13
+ Theories behind DNSSec
7 lectures 23:01

DNSSec must be supported in the resolver and in the authoritative DNS servers. You do not need to have DNSSec-support in your local computer.

Preview 01:55

DNSSec uses hashes and digital signatures. These terms are explained in the upcoming lectures.

Intro to hashing and digital signatures
00:35

How hash methods works, why they exists and what defines a proper hash method.

Hash functions
09:36

Digital signatures ("signing") is a key component of DNSSec. In this lecture the concept of signing is explained.

Preview 03:35

I explain the chain of trust.

Chain of trust
01:21

It seems overkill with multiple levels of keys, but they are the key(!) to the protocol.

Why two levels of keys?
03:25

The terms "resource record" and "resource record set" might need some clarification.

RR vs RRSet
02:34
+ Hands on
5 lectures 27:43

This is the first part of 3 lectures where I explain the signing process.

Signing the zone - part 1
09:55

The second part of the signing process walkthru...

Preview 05:33

The third and final part of the signing process walkthru.

Signing the zone - part 3
03:04

Together we will have a look at how the signed zone looks like.

Looking at the signed zone
06:14

We verify DNSSec functionality with dig and learns how to use dig to test DNSSec.

Testing DNSSec with dig
02:57
Test your knowledge
3 questions
+ Bonus section
1 lecture 00:29
Bonus lecture: About me and my courses
00:29