The top spy agency of the United States has released a comprehensive best practices guide that covers many devices and user behaviors both at work and their homes.

This document provides deployment guidelines for securing DNS within an enterprise. Because DNS data is meant to be public, preserving the confidentiality of DNS data pertaining to publicly accessible IT resources is not a security objective.

The National Institute of Standards and Technology (NIST) has drafted another revision of the document “Secure Domain Name System (DNS) Deployment Guide" (SP 800-81). This revision addresses all the comments and feedback received for the first revision through public comments in March 2009, in addition to adding 3 more subsections described below.

US-CERT has been alerted to an increase in distributed denial of service (DDoS) attacks using spoofed recursive DNS requests. These attacks are troublesome because all systems communicating over the Internet need to allow DNS traffic. This paper provides information about configuring DNS servers to protect against this threat.