We have two external DNS and two internal DNS. All are MS DNS and as part of security assesment we got a comment on one of our external DNS that
DNS server is vulnerable to cache snooping attacks.
The remote DNS server answers to queries for third-party domains which do not have the recursion bit set. This may allow a remote attacker to determine which domains have
recently been resolved via this name server, and therefore which hosts
have been recently visited.
How can i solve the isue?