<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
We have two external DNS and two internal DNS. All are MS DNS and as part of security assesment we got a comment on one of our external DNS that <br />
<br />
DNS server is vulnerable to cache snooping attacks.<br />
<br />
The remote DNS server answers to queries for third-party domains which do not have the recursion bit set. This may allow a remote attacker to determine which domains have<br />
recently been resolved via this name server, and therefore which hosts<br />
have been recently visited.<br />
<br />
How can i solve the isue?<br />
<br />
Tahnks<br />
<br />
Qman
</div>
</div>


Hi,

We have two external DNS and two internal DNS. All are MS DNS and as part of security assesment we got a comment on one of our external DNS that 

DNS server is vulnerable to cache snooping attacks.

The remote DNS server answers to queries for third-party domains which do not have the recursion bit set. This may allow a remote attacker to determine which domains have
recently been resolved via this name server, and therefore which hosts
have been recently visited.

How can i solve the isue?

Tahnks

Qman

Security Scan Result. DNS server is vulnerable to cache snooping attacks.

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.