• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 972
  • Last Modified:

DNS Spoofing attack prevention

Can any one explain to me on how to configure two things for Windows Server 2008 R2 DNS Server.

(1) .Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure.

(2) Server
Spoofed Request Amplification DDoS

For Item (2) is related to DNS Server. How to configure DNS Server to prevent spoofed attack?

Regards,
Zaw Tun Naing
0
mikenus
Asked:
mikenus
2 Solutions
 
Rick HobbsRETIREDCommented:
For question 1, step by step is here:

http://www.adminhorror.com/2011/10/enable-tls-11-and-tls-12-on-windows_1853.html

For question 2, if you don't have recursion disabled, disable it!
0
 
asavenerCommented:
For 2, you just have to limit the addresses that are allowed to access the DNS server.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now