Microsoft
Software
Hardware
Network
Question : DNS Cache Probing, need edits to DNS to satisfy security requirements
My e-commerce client received a security audit from their merchant account company. The text below describes what they want me to fix, including a reference link. I have no idea what any of this means. The DNS is hosted by Network Solutions, I am using their built-in DNS manager to point MX and A records to the right IP addresses. Is this something I can fix? Thank you!
DNS Cache Probing
It was possible to receive answers from this DNS server for non-recursive queries
for third-party domains. For an attacker, if a DNS answer to the non-recursive query
is received, this indicates that a domain has recently been resolved by the DNS
server (and, theoretically, other hosts that use the server). No response indicates that
the queried domain was not recently resolved. This can allow an attacker to discover
domains a queried by other hosts using this server, which might give an indication
of web-browsing habits or domains accessed for business purposes.
CVSSv2: AV:N/AC:L/Au:N/C:P/I:N/A:N
(5)
Reference:
http://www.bind9.net/manua
l/bind/9.3
.1/
Bv9ARM.
ch04.html#
AEN767
Answer : DNS Cache Probing, need edits to DNS to satisfy security requirements
No. This is a DNS configuration file change. They need to restrict data from cache to only trusted networks.
You might open a ticket to see if this can be changed.
Random Solutions
Using VLookup for Data Validation
Office Word 2007
web design vs dev
How to delete Clonezilla Images
301 redirect htaccess issue
Cannot Replicate FREEBUSY from Exchange 2003 to Exchange 2010 - EVENT 14029, 4003,
NFS share on FreeNAS
Cannot access LAN on Cisco Valet M10 wireless router
sql server 2005 keyboard shortcuts
Black screen of death upon turning PC On