{"id":4397,"date":"2020-10-30T22:05:08","date_gmt":"2020-10-30T21:05:08","guid":{"rendered":"https:\/\/webhosting.de\/?p=4397"},"modified":"2020-10-30T22:05:08","modified_gmt":"2020-10-30T21:05:08","slug":"dnssec","status":"publish","type":"post","link":"https:\/\/webhosting.de\/pl\/dnssec\/","title":{"rendered":"dnssec"},"content":{"rendered":"<h2>Rozszerzenia zabezpiecze\u0144 systemu nazw domenowych<\/h2>\n<p>Dnssec jest zestawem standard\u00f3w w <a href=\"https:\/\/webhosting.de\/pl\/flexoptix-universal-transceiver\/\">Internet<\/a>kt\u00f3re zapewniaj\u0105 gwarancj\u0119 mechanizm\u00f3w bezpiecze\u0144stwa. Podlegaj\u0105 one r\u00f3wnie\u017c autentyczno\u015bci i integralno\u015bci <a href=\"https:\/\/webhosting.de\/pl\/personenbezogene-daten-sozialen-netzwerken\/\">Dane<\/a>. Uczestnik dnssec mo\u017ce zweryfikowa\u0107 pewne dane strefy. Mo\u017ce on r\u00f3wnie\u017c sprawdzi\u0107, czy dane strefy DNS s\u0105 identyczne z danymi, kt\u00f3re autoryzowa\u0142 tw\u00f3rca strefy.<\/p>\n<h2>Brak szyfrowania danych<\/h2>\n<p>Dnssec zosta\u0142 opracowany do walki z zatruciem skrytek. Podpisy cyfrowe s\u0105 zabezpieczone podczas przesy\u0142ania zapis\u00f3w o zasobach. Uwierzytelnianie nigdy nie odbywa si\u0119 na serwerach ani na klientach. W dnssecu \u017cadne dane nie s\u0105 szyfrowane. Asymetryczny kryptosystem. W\u0142a\u015bciciel danej informacji jest nazywany serwerem g\u0142\u00f3wnym. W tym miejscu znajduje si\u0119 r\u00f3wnie\u017c strefa, kt\u00f3ra ma by\u0107 zabezpieczona. Ka\u017cdy pojedynczy rekord jest podpisywany kluczem prywatnym lub tajnym. Autentyczno\u015b\u0107 i integralno\u015b\u0107 mo\u017ce by\u0107 zweryfikowana za pomoc\u0105 klucza publicznego. Rozszerzenie EDNS jest preferowane przez dnssec. Z tym rozszerzeniem mog\u0105 by\u0107 u\u017cywane dodatkowe parametry. Za pomoc\u0105 tego rozszerzenia usuni\u0119to r\u00f3wnie\u017c ograniczenie rozmiaru do 512 bajt\u00f3w. W celu przes\u0142ania klucza lub podpisu konieczne s\u0105 d\u0142u\u017csze komunikaty DNS.<\/p>\n<h2>Jak dzia\u0142a DNA?<\/h2>\n<p>W RR, tj. Resource Record, informacje s\u0105 dostarczane przez dnssec. Zabezpieczaj\u0105 one autentyczno\u015b\u0107 informacji za pomoc\u0105 podpisu cyfrowego. W\u0142a\u015bcicielem tych informacji jest serwer g\u0142\u00f3wny w strefie. Jest r\u00f3wnie\u017c autorytatywny. Dla ka\u017cdej strefy, kt\u00f3ra ma by\u0107 zabezpieczona, znajduje si\u0119 klucz \u015bpiewu strefowego. Para sk\u0142ada si\u0119 z kluczy publicznych i prywatnych. Publiczna cz\u0119\u015b\u0107 klucza strefy jest zawarta w pliku strefy jako DNSKEY Resource Record. Klucz prywatny zapewnia, \u017ce ka\u017cde indywidualne RR jest podpisane cyfrowo w strefie. W tym celu wype\u0142nia si\u0119 Rekord zasob\u00f3w, kt\u00f3ry jest nast\u0119pnie Rekordem zasob\u00f3w RRSIG. Zawiera on podpis dla rekordu DNS.<br \/>\nDla ka\u017cdej z tych transakcji wysy\u0142ana jest RRSIG-RR wraz z normalnym zapisem zasob\u00f3w. Do transferu w strefie, niewolnicy otrzymuj\u0105 go pierwsi. Nast\u0119pnie jest on przechowywany w pami\u0119ci podr\u0119cznej w dobrej rozdzielczo\u015bci. Ostatni\u0105 rzecz\u0105, jak\u0105 RR ko\u0144czy na rewolwerze, kt\u00f3ry o to poprosi\u0142. Za pomoc\u0105 publicznego klucza strefowego, RR mo\u017ce zatwierdzi\u0107 sygnatur\u0119.<\/p>\n<h2>Ocena<\/h2>\n<p>W przypadku dnssec, resolwery DNS s\u0105 urz\u0105dzeniami ko\u0144cowymi, takimi jak komputer lub smartfon, na kt\u00f3rych zapisy nie mog\u0105 by\u0107 zatwierdzone. Stubresolwery to po prostu skonstruowane programy, kt\u00f3re mog\u0105 ca\u0142kowicie rozwi\u0105za\u0107 dan\u0105 nazw\u0119. Nawet w rekurencyjnym serwerze nazw. Aby rozwi\u0105za\u0107 problem z nazw\u0105, stubresolwer wysy\u0142a \u017c\u0105danie do serwera nazw w sieci lokalnej lub w sieci o nazwie <a href=\"https:\/\/webhosting.de\/pl\/internetdienstanbieter-isp-2\/\">ISP<\/a>...og\u0142oszony dostawca us\u0142ug internetowych.<\/p>\n<p>Ustawiony jest bit DO, kt\u00f3ry mo\u017ce powiedzie\u0107 resolverowi serwera nazw, \u017ce rekord ma by\u0107 sprawdzony. Stubresolwer musi obs\u0142ugiwa\u0107 rozszerzenie EDNS dnssec. Tak wi\u0119c serwer mo\u017ce by\u0107 r\u00f3wnie\u017c konfoguratowany. Oznacza to, \u017ce walidacja mo\u017ce by\u0107 zawsze przeprowadzona.<\/p>\n<p>Jest to niezale\u017cne od zawarto\u015bci i obecno\u015bci bitu DO. Je\u015bli serwer zwr\u00f3ci og\u00f3lny b\u0142\u0105d, co\u015b posz\u0142o nie tak. Je\u015bli si\u0119 uda\u0142o, serwer daje odpowied\u017a bitow\u0105 AD. AD oznacza dane uwierzytelnione. W przypadku stubresolwera nie jest mo\u017cliwe wykrycie, czy b\u0142\u0105d jest spowodowany nieudan\u0105 walidacj\u0105, czy te\u017c ma inn\u0105 przyczyn\u0119. Przyczyn\u0105 mo\u017ce by\u0107 awaria zasilania lub serwera nazw w \u017c\u0105danej nazwie domeny.<\/p>","protected":false},"excerpt":{"rendered":"<p>Domain Name System Security Extensions Die dnssec ist eine Reihe von Standarten im Internet, die eine Gew\u00e4hrleistung von Sicherheitsmechanismen geben. Diese unterliegen auch der Authentizit\u00e4t und der Integrit\u00e4t der Daten. Ein Teilnehmer des dnssec kann bestimmte Zonendaten verifizieren. Dieser kann auch pr\u00fcfen ob die DNS-Zonendaten identisch sind mit denen die ein Ersteller von der Zone [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1197,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_crdt_document":"","inline_featured_image":false,"footnotes":""},"categories":[732],"tags":[],"class_list":["post-4397","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-lexikon"],"acf":[],"_wp_attached_file":null,"_wp_attachment_metadata":null,"litespeed-optimize-size":null,"litespeed-optimize-set":null,"_elementor_source_image_hash":null,"_wp_attachment_image_alt":null,"stockpack_author_name":null,"stockpack_author_url":null,"stockpack_provider":null,"stockpack_image_url":null,"stockpack_license":null,"stockpack_license_url":null,"stockpack_modification":null,"color":null,"original_id":null,"original_url":null,"original_link":null,"unsplash_location":null,"unsplash_sponsor":null,"unsplash_exif":null,"unsplash_attachment_metadata":null,"_elementor_is_screenshot":null,"surfer_file_name":null,"surfer_file_original_url":null,"envato_tk_source_kit":null,"envato_tk_source_index":null,"envato_tk_manifest":null,"envato_tk_folder_name":null,"envato_tk_builder":null,"envato_elements_download_event":null,"_menu_item_type":null,"_menu_item_menu_item_parent":null,"_menu_item_object_id":null,"_menu_item_object":null,"_menu_item_target":null,"_menu_item_classes":null,"_menu_item_xfn":null,"_menu_item_url":null,"_trp_menu_languages":null,"rank_math_primary_category":null,"rank_math_title":null,"inline_featured_image":null,"_yoast_wpseo_primary_category":null,"rank_math_schema_blogposting":null,"rank_math_schema_videoobject":null,"_oembed_049c719bc4a9f89deaead66a7da9fddc":null,"_oembed_time_049c719bc4a9f89deaead66a7da9fddc":null,"_yoast_wpseo_focuskw":"dnssec","_yoast_wpseo_linkdex":null,"_oembed_27e3473bf8bec795fbeb3a9d38489348":null,"_oembed_c3b0f6959478faf92a1f343d8f96b19e":null,"_trp_translated_slug_en_us":null,"_wp_desired_post_slug":null,"_yoast_wpseo_title":null,"tldname":null,"tldpreis":null,"tldrubrik":null,"tldpolicylink":null,"tldsize":null,"tldregistrierungsdauer":null,"tldtransfer":null,"tldwhoisprivacy":null,"tldregistrarchange":null,"tldregistrantchange":null,"tldwhoisupdate":null,"tldnameserverupdate":null,"tlddeletesofort":null,"tlddeleteexpire":null,"tldumlaute":null,"tldrestore":null,"tldsubcategory":null,"tldbildname":null,"tldbildurl":null,"tldclean":null,"tldcategory":null,"tldpolicy":null,"tldbesonderheiten":null,"tld_bedeutung":null,"_oembed_d167040d816d8f94c072940c8009f5f8":null,"_oembed_b0a0fa59ef14f8870da2c63f2027d064":null,"_oembed_4792fa4dfb2a8f09ab950a73b7f313ba":null,"_oembed_33ceb1fe54a8ab775d9410abf699878d":null,"_oembed_fd7014d14d919b45ec004937c0db9335":null,"_oembed_21a029d076783ec3e8042698c351bd7e":null,"_oembed_be5ea8a0c7b18e658f08cc571a909452":null,"_oembed_a9ca7a298b19f9b48ec5914e010294d2":null,"_oembed_f8db6b27d08a2bb1f920e7647808899a":null,"_oembed_168ebde5096e77d8a89326519af9e022":null,"_oembed_cdb76f1b345b42743edfe25481b6f98f":null,"_oembed_87b0613611ae54e86e8864265404b0a1":null,"_oembed_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_oembed_time_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_tldname":null,"_tldclean":null,"_tldpreis":null,"_tldcategory":null,"_tldsubcategory":null,"_tldpolicy":null,"_tldpolicylink":null,"_tldsize":null,"_tldregistrierungsdauer":null,"_tldtransfer":null,"_tldwhoisprivacy":null,"_tldregistrarchange":null,"_tldregistrantchange":null,"_tldwhoisupdate":null,"_tldnameserverupdate":null,"_tlddeletesofort":null,"_tlddeleteexpire":null,"_tldumlaute":null,"_tldrestore":null,"_tldbildname":null,"_tldbildurl":null,"_tld_bedeutung":null,"_tldbesonderheiten":null,"_oembed_ad96e4112edb9f8ffa35731d4098bc6b":null,"_oembed_8357e2b8a2575c74ed5978f262a10126":null,"_oembed_3d5fea5103dd0d22ec5d6a33eff7f863":null,"_eael_widget_elements":null,"_oembed_0d8a206f09633e3d62b95a15a4dd0487":null,"_oembed_time_0d8a206f09633e3d62b95a15a4dd0487":null,"_aioseo_description":null,"_eb_attr":null,"_eb_data_table":null,"_oembed_819a879e7da16dd629cfd15a97334c8a":null,"_oembed_time_819a879e7da16dd629cfd15a97334c8a":null,"_acf_changed":null,"_wpcode_auto_insert":null,"_edit_last":null,"_edit_lock":null,"_oembed_e7b913c6c84084ed9702cb4feb012ddd":null,"_oembed_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_time_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_03514b67990db061d7c4672de26dc514":null,"_oembed_time_03514b67990db061d7c4672de26dc514":null,"rank_math_news_sitemap_robots":"index","rank_math_robots":["index"],"_eael_post_view_count":"3862","_trp_automatically_translated_slug_ru_ru":null,"_trp_automatically_translated_slug_et":"dnssec","_trp_automatically_translated_slug_lv":"dnssec","_trp_automatically_translated_slug_fr_fr":null,"_trp_automatically_translated_slug_en_us":null,"_wp_old_slug":null,"_trp_automatically_translated_slug_da_dk":null,"_trp_automatically_translated_slug_pl_pl":null,"_trp_automatically_translated_slug_es_es":null,"_trp_automatically_translated_slug_hu_hu":null,"_trp_automatically_translated_slug_fi":"dnssec","_trp_automatically_translated_slug_ja":"%e3%83%87%e3%82%a3%e3%83%bc%e3%82%a8%e3%83%8c%e3%82%b7%e3%83%bc%e3%82%bb%e3%83%83%e3%82%af","_trp_automatically_translated_slug_lt_lt":null,"_elementor_edit_mode":null,"_elementor_template_type":null,"_elementor_version":null,"_elementor_pro_version":null,"_wp_page_template":"default","_elementor_page_settings":null,"_elementor_data":null,"_elementor_css":null,"_elementor_conditions":null,"_happyaddons_elements_cache":null,"_oembed_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_time_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_time_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_59808117857ddf57e478a31d79f76e4d":null,"_oembed_time_59808117857ddf57e478a31d79f76e4d":null,"_oembed_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_time_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_81002f7ee3604f645db4ebcfd1912acf":null,"_oembed_time_81002f7ee3604f645db4ebcfd1912acf":null,"_elementor_screenshot":null,"_oembed_7ea3429961cf98fa85da9747683af827":null,"_oembed_time_7ea3429961cf98fa85da9747683af827":null,"_elementor_controls_usage":null,"_elementor_page_assets":[],"_elementor_screenshot_failed":null,"theplus_transient_widgets":["tp-video-player"],"_eael_custom_js":null,"_wp_old_date":null,"_trp_automatically_translated_slug_it_it":null,"_trp_automatically_translated_slug_pt_pt":null,"_trp_automatically_translated_slug_zh_cn":null,"_trp_automatically_translated_slug_nl_nl":null,"_trp_automatically_translated_slug_pt_br":null,"_trp_automatically_translated_slug_sv_se":null,"rank_math_analytic_object_id":"845","rank_math_internal_links_processed":null,"_trp_automatically_translated_slug_ro_ro":null,"_trp_automatically_translated_slug_sk_sk":null,"_trp_automatically_translated_slug_bg_bg":null,"_trp_automatically_translated_slug_sl_si":null,"litespeed_vpi_list":["webhostinglogo.png"],"litespeed_vpi_list_mobile":["webhostinglogo.png"],"rank_math_seo_score":null,"rank_math_contentai_score":null,"ilj_limitincominglinks":null,"ilj_maxincominglinks":null,"ilj_limitoutgoinglinks":null,"ilj_maxoutgoinglinks":null,"ilj_limitlinksperparagraph":null,"ilj_linksperparagraph":null,"ilj_blacklistdefinition":null,"ilj_linkdefinition":["dnssec"],"_eb_reusable_block_ids":null,"rank_math_focus_keyword":"dnssec","rank_math_og_content_image":null,"_yoast_wpseo_metadesc":"","_yoast_wpseo_content_score":null,"_yoast_wpseo_focuskeywords":null,"_yoast_wpseo_keywordsynonyms":null,"_yoast_wpseo_estimated-reading-time-minutes":null,"rank_math_description":null,"surfer_last_post_update":null,"surfer_last_post_update_direction":null,"surfer_keywords":null,"surfer_location":null,"surfer_draft_id":null,"surfer_permalink_hash":null,"surfer_scrape_ready":null,"_thumbnail_id":"1197","footnotes":null,"_links":{"self":[{"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/posts\/4397","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/comments?post=4397"}],"version-history":[{"count":0,"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/posts\/4397\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/media\/1197"}],"wp:attachment":[{"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/media?parent=4397"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/categories?post=4397"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhosting.de\/pl\/wp-json\/wp\/v2\/tags?post=4397"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}