Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2280
  • Last Modified:

DNS Server Cache Snooping Remote Information Disclosure

The remote DNS server responds to queries for third-party domains that do not have the recursion bit set. This may allow a remote attacker to determine which domains have recently been resolved via this name server, and therefore which hosts have been recently visited. For instance, if an attacker was interested in whether your company utilizes the online services of a particular financial institution,
they would be able to use this attack to build a statistical model regarding company usage of that financial institution. Of course, the attack can also be used to find B2B partners, web-surfing patterns,
external mail servers, and more.
Note: If this is an internal DNS server not accessable to outside networks, attacks would be limited to the internal network. This may include employees, consultants and potentially users on a guest network or WiFi connection if supported.

Please provide your recommendations
0
Yogesh_Exchange_Expert
Asked:
Yogesh_Exchange_Expert
  • 3
  • 2
1 Solution
 
Krzysztof PytkoActive Directory EngineerCommented:
0
 
Yogesh_Exchange_ExpertAuthor Commented:
Actually i got this query from some one else can you please explain what is this risk in simple words
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Is this internal or external DNS server(s) ?

Krzysztof
0
 
Yogesh_Exchange_ExpertAuthor Commented:
internal DNS with windows server 2003. any thing we can suggest to make it secure.
0
 
Yogesh_Exchange_ExpertAuthor Commented:
ok
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now