How do you take care of security?

[Manic]

I'm concerned about security as regards domain names.

What do you do to protect your names from being stolen or highjacked, etc?

Specifically with .INFO names, which cannot be locked down.

Does anyone have any ideas to make .INFO's more secure?

What do you do personally?

PM or email me if you would prefer, though I think there would be many people here at DNF that have the same concerns, and would greatly appreciate some advice from the experts.

dnf AT bangbangbang DOT com

Many thanks to everyone who responds!

 

[.com.net.org]

I use my own nameserver and use my own domain for email.

 

[Manic]

Thanks, .com.net.org.

Anyone else have some good security ideas?

 

[DryHeat]

Originally posted by .com.net.org
I use my own nameserver and use my own domain for email.

How expensive and complicated this type of set-up is for a novice to learn (or would it be wise/adviseable to get professional help)? I'd be highly appreciative of any helpful info/advice you can provide.

 

[mole]

Originally posted by .com.net.org
I use my own nameserver

Why is that more secure?

 

[Nexus]

Originally posted by mole
Why is that more secure?

Not using your OWN nameservers always requires a level of TRUST. I agree that if your nameserver is from an official registrar, you shouldn't have a problem.

However, if a hosting company's domain name is your nameserver, and they lose control of their domain, let it expire, or otherwise screw up, someone else can use those nameservers to steal all the mail and communication access to your bussiness (not to mention to hijack your names).

Many hosting companies (including HostingNexus, my own) require that customers use their nameservers for practical business reasons. It isn't always necessary however, and in some cases it may prove prudent to do the footwork allowing you to manage your own if you're not entirely sure of the company you are dealing with.

~ Nexus

 

[.com.net.org]

Originally posted by DryHeat


How expensive and complicated this type of set-up is for a novice to learn (or would it be wise/adviseable to get professional help)? I'd be highly appreciative of any helpful info/advice you can provide.

I don't think it's hard to learn.
Just rent a dedicated server or buy a server and colocate it and then buy control panel license (if you don't mind spend on it).

If you need a server, just let me know. I'll try my best to help you. I can provide the server.

 

[Nexus]

Originally posted by DryHeat
How expensive and complicated this type of set-up is for a novice to learn (or would it be wise/adviseable to get professional help)? I'd be highly appreciative of any helpful info/advice you can provide.

If you have a dedicated server that uses Ensim, here are some instructions you can use (courtest of DEMODEMO.com):
Adding You own Private Name Server:
http://www.demodemo.com/tutorials/ensim_aa_nameservers.htm

I personally like Ensim. It is a great product. Many dedicated server providers supply systems with Ensim automatically installed. Ensim makes using the requisite tools (the most popular for UNIX boxes, called BIND) very easy.

DNS management without visual tools is not for novices though.

Alternatively, registration services like Enom provide very detailed controls for DNS (Nameserver designation, CNAME, A record, MX record controls). Some others I know of like Register.com, DiscountDomainRegistery & DomainMonger (OpenSRS/Tucows resellers) allow this as well.

~ Nexus

 

[Nexus]

Also, there are some DNS service providers listed here:
http://www.dynamicipaddress.com

NOTE: It DOES need to be said, that trying to micro-manage your nameservers could all be a wild-goose chase if you don't NEED to do it. Don't let anxiety get you to complicate your ability to do business unnecessarily. Just be cautious.

~ Nexus

 

[.com.net.org]

Originally posted by mole


Why is that more secure?

Because you take control of your own server and your own domains.

Scenario :
I hate to say this (as I'm also do webhosting), this may scare away potential clients.

1. Your webhosting provider can see all your email.
2. Your webhosting provider can change your domain DNS Zone. (Aim is to get your email, if your MX record is not pointing to their server).

Even your hosting provider won't do such things, you should remember that you're in virtual account (shared envirenment) security risk is higher because you can't control others scripts, etc.

Hope this explain my post.

 

[.com.net.org]

Originally posted by Nexus


Not using your OWN nameservers always requires a level of TRUST. I agree that if your nameserver is from an official registrar, you shouldn't have a problem.

However, if a hosting company's domain name is your nameserver, and they lose control of their domain, let it expire, or otherwise screw up, someone else can use those nameservers to steal all the mail and communication access to your bussiness (not to mention to hijack your names).

Many hosting companies (including HostingNexus, my own) require that customers use their nameservers for practical business reasons. It isn't always necessary however, and in some cases it may prove prudent to do the footwork allowing you to manage your own if you're not entirely sure of the company you are dealing with.

~ Nexus

You're faster.

 

[mole]

Given what you said, nex and cnorg, is eNom DNS safe enough?

I buy the point that their are a lot of registrars with cracker jack DNS (or even no DNS for their clients) out there, so best use your own.

I once signed up for UltraDNS.com for $32 a year just to use their DNS for one month, but no difference to what I can free at eNOM.

I also used mydomain for a while because of the megatags but then realised that eNOM has a metatag setting there which I completely missed. :shy:

I checked out the cost of a hosted private label DNS and it comes at US$1,500 per pop?

So really back to the question, is eNOM DNS a safe option?

Thanks.

 

[skylark]

Check out ZoneEdit.com.

Account if FREE for first five domain names. You have control over all features and for a fee can add extra backup nameservers.

Skylark

 

[WebMomentum]

My security measure .. I regged crap names - no one would steal them!

Haha

 

[.com.net.org]

I can say enom's DNS is quite safe.

Originally posted by mole
Given what you said, nex and cnorg, is eNom DNS safe enough?

I buy the point that their are a lot of registrars with cracker jack DNS (or even no DNS for their clients) out there, so best use your own.

I once signed up for UltraDNS.com for $32 a year just to use their DNS for one month, but no difference to what I can free at eNOM.

I also used mydomain for a while because of the megatags but then realised that eNOM has a metatag setting there which I completely missed. :shy:

I checked out the cost of a hosted private label DNS and it comes at US$1,500 per pop?

So really back to the question, is eNOM DNS a safe option?

Thanks.

 

[DrWho]

Originally posted by Manic
I'm concerned about security as regards domain names.

What do you do to protect your names from being stolen or highjacked, etc?

Specifically with .INFO names, which cannot be locked down.

Does anyone have any ideas to make .INFO's more secure?

What do you do personally?

PM or email me if you would prefer, though I think there would be many people here at DNF that have the same concerns, and would greatly appreciate some advice from the experts.

dnf AT bangbangbang DOT com

Many thanks to everyone who responds!

Rule #1 Never discuss or disclose your security procedures

 

[Diogenes]

I have a raq that i rent and it's colocated. How would i figure out if my host had partitioned the raq and was renting a portion to other people?

And using ensim i can have a multitude of nameservers for the same raq?

D.

 

[netznutz]

"Rule #1 Never discuss or disclose your security procedures"

Rule #0: Never let "Security by obscurity" be your
major security measure. Always plan your security
measures so that they cannot be broken even if
they are known to the public.

As for the dedicated server approach: You won't
be much safer with your private machine, as long
as you run any other services (webserver, database)
on the same box.
The more services - the more vulnerabilities.
I'd personally would never trust a preinstalled
nameserver with a fancy web interface.
If you really want security for your installation
you need some deep knowledge yourself or
someone that you really trust.

 

[newnoy]

Originally posted by Manic

Specifically with .INFO names, which cannot be locked down.

.info names can be locked down depending on registrar. I use godaddy and I have no problem locking them.