Security Scan Result. DNS server is vulnerable to cache snooping attacks.

Posted on 2009-04-16
Last Modified: 2012-05-06

We have two external DNS and two internal DNS. All are MS DNS and as part of security assesment we got a comment on one of our external DNS that

DNS server is vulnerable to cache snooping attacks.

The remote DNS server answers to queries for third-party domains which do not have the recursion bit set. This may allow a remote attacker to determine which domains have
recently been resolved via this name server, and therefore which hosts
have been recently visited.

How can i solve the isue?


Question by:qman2007
    1 Comment
    LVL 6

    Accepted Solution

    "In the server properties on the dns server you need to disable
    recursion so that all external queries other than for locally hosted records
    are not answered."

    Featured Post

    Courses: Start Training Online With Pros, Today

    Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

    Join & Write a Comment

    If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
    Synchronize a new Active Directory domain with an existing Office 365 tenant
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now