Microsoft
Software
Hardware
Network
Question : DNS Cache Probing, need edits to DNS to satisfy security requirements
My e-commerce client received a security audit from their merchant account company. The text below describes what they want me to fix, including a reference link. I have no idea what any of this means. The DNS is hosted by Network Solutions, I am using their built-in DNS manager to point MX and A records to the right IP addresses. Is this something I can fix? Thank you!
DNS Cache Probing
It was possible to receive answers from this DNS server for non-recursive queries
for third-party domains. For an attacker, if a DNS answer to the non-recursive query
is received, this indicates that a domain has recently been resolved by the DNS
server (and, theoretically, other hosts that use the server). No response indicates that
the queried domain was not recently resolved. This can allow an attacker to discover
domains a queried by other hosts using this server, which might give an indication
of web-browsing habits or domains accessed for business purposes.
CVSSv2: AV:N/AC:L/Au:N/C:P/I:N/A:N
(5)
Reference:
http://www.bind9.net/manua
l/bind/9.3
.1/
Bv9ARM.
ch04.html#
AEN767
Answer : DNS Cache Probing, need edits to DNS to satisfy security requirements
No. This is a DNS configuration file change. They need to restrict data from cache to only trusted networks.
You might open a ticket to see if this can be changed.
Random Solutions
How to write script for the requirment?
Remove row if column B and C are empty
DB2 vs SQLServer
DELPHI - DATEDIFF
E72 - How to make email work without activating data services?
I need to accumulate the values in query
Please help me come up with a specific Linux hard drive imaging process
XSLT Element ordering within templates.
file share
I want to make Liberty reserve API