Microsoft
Software
Hardware
Network
Question : DNS Cache Probing, need edits to DNS to satisfy security requirements
My e-commerce client received a security audit from their merchant account company. The text below describes what they want me to fix, including a reference link. I have no idea what any of this means. The DNS is hosted by Network Solutions, I am using their built-in DNS manager to point MX and A records to the right IP addresses. Is this something I can fix? Thank you!
DNS Cache Probing
It was possible to receive answers from this DNS server for non-recursive queries
for third-party domains. For an attacker, if a DNS answer to the non-recursive query
is received, this indicates that a domain has recently been resolved by the DNS
server (and, theoretically, other hosts that use the server). No response indicates that
the queried domain was not recently resolved. This can allow an attacker to discover
domains a queried by other hosts using this server, which might give an indication
of web-browsing habits or domains accessed for business purposes.
CVSSv2: AV:N/AC:L/Au:N/C:P/I:N/A:N
(5)
Reference:
http://www.bind9.net/manua
l/bind/9.3
.1/
Bv9ARM.
ch04.html#
AEN767
Answer : DNS Cache Probing, need edits to DNS to satisfy security requirements
No. This is a DNS configuration file change. They need to restrict data from cache to only trusted networks.
You might open a ticket to see if this can be changed.
Random Solutions
Dell desktop will not boot
How can I create a list from a starting number and ending number in Excel?
windrose chart in excel 2003/2007
Excel Chart Library Development in VB.NET/C#
Where are mappings for XML files set inside of Eclips
CSS wrong MIME type in Firefox on Apache, AddType text/css .css is there
What can be done with huge files that cannot be defragmented?
Compare two excel files
Anyone knows what this fruit is called in english and if I can buy it in the USA somewhere even online
How do I see what traffic is traversing my Cisco 2811 router?