- Introduction: The Real Threat of Disinformation Campaigns
- The DNS Hijacking Scenario
- The Security Breach
- Corrective Actions
- Don't Be an Unwitting Collaborator
Don't Be an Unwitting Collaborator
You can go on for some time before discovering that your domain has been hijacked. So do the following:
Secure your DNS servers by using up-to-date software, limiting zone transfers to authorized hosts, being vigilant in looking for events that could show a problem, and deploy DNSSEC as soon as it's feasible for your organization to do so.
Secure your domain names by using SSL and strong passwords with your registrar, using a dedicated email address, using PGP or other encryption for email contents, and having a change control process so that unauthorized changes can be detected.
Finally, regularly check your domains using WHOIS or tools like the ones available at Network-Tools.com to verify that your information is valid both from inside and outside your domain.