• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 968
  • Last Modified:

DNS Spoofing attack prevention

Can any one explain to me on how to configure two things for Windows Server 2008 R2 DNS Server.

(1) .Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure.

(2) Server
Spoofed Request Amplification DDoS

For Item (2) is related to DNS Server. How to configure DNS Server to prevent spoofed attack?

Zaw Tun Naing
2 Solutions
Rick HobbsRETIREDCommented:
For question 1, step by step is here:


For question 2, if you don't have recursion disabled, disable it!
For 2, you just have to limit the addresses that are allowed to access the DNS server.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now