DNSSEC Mastery

DNS is one of the oldest protocols on the Internet, and was designed for a network without hostile users. Anyone who wants to break into a network starts by investigating the target’s Domain Name Service. DNS Security Extensions, or DNSSEC, hardens DNS and brings it into the 21st century. But learning DNSSEC requires wading through years of obsolete tutorials, dead ends, and inscrutable standards.

DNSSEC MasteryUntil now.

DNSSEC Mastery will have DNS administrators running DNSSEC with the industry-standard BIND server in hours instead of weeks. You will:

  • Understand what DNSSEC gives you, and what it doesn’t
  • Configure your servers to resist attack.
  • Verify your environment supports modern DNS
  • Debug DNSSEC and the Chain of Trust
  • Configure your server to resolve DNSSEC
  • Conceal zone data with NSEC3
  • Cryptographically sign your zones, and attach them to the Chain of Trust
  • Have BIND automatically maintain signatures
  • Rollover keys to maintain security
  • Implement DNSSEC on private networks
  • Use DNSSEC to validate self-signed SSL certificates, ending your dependence on Certificate Authorities

    And more! DNSSEC Mastery transforms DNS from a security risk to a solution.

    Get the print book:

  • my CreateSpace store (list price, no discount)
  • Amazon

    Get the ebook:

  • Tilted Windmill Press, my personal bookstore. (Also available as part of the 3-book bundle at a 10% discount!) (Excludes EU customers because of VAT-sorry, folks!)
  • Gumroad – PDF, epub, mobi, DRM-free. Supports EU VAT.
  • Amazon US
  • iBooks
  • Smashwords
  • Nook/Barnes & Noble
  • LeanPub.
  • Kobo

    Critical acclaim for DNSSEC Mastery

    “…the book will take you from no DNSSEC at all to fully implemented in less than 100 pages.”
    Justin Sherrill, DragonflyBSD Digest

    “…a recommended buy.”
    Peter Hansteen, author of the Book of PF.

  • 1 comment to DNSSEC Mastery