• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 964
  • Last Modified:

DNS Spoofing attack prevention

Can any one explain to me on how to configure two things for Windows Server 2008 R2 DNS Server.

(1) .Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure.

(2) Server
Spoofed Request Amplification DDoS

For Item (2) is related to DNS Server. How to configure DNS Server to prevent spoofed attack?

Regards,
Zaw Tun Naing
0
mikenus
Asked:
mikenus
2 Solutions
 
Rick HobbsRETIREDCommented:
For question 1, step by step is here:

http://www.adminhorror.com/2011/10/enable-tls-11-and-tls-12-on-windows_1853.html

For question 2, if you don't have recursion disabled, disable it!
0
 
asavenerCommented:
For 2, you just have to limit the addresses that are allowed to access the DNS server.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now