DNS Spoofing attack prevention
Can any one explain to me on how to configure two things for Windows Server 2008 R2 DNS Server.
(1) .Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure.
(2) Server
Spoofed Request Amplification DDoS
For Item (2) is related to DNS Server. How to configure DNS Server to prevent spoofed attack?
Regards,
Zaw Tun Naing
(1) .Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure.
(2) Server
Spoofed Request Amplification DDoS
For Item (2) is related to DNS Server. How to configure DNS Server to prevent spoofed attack?
Regards,
Zaw Tun Naing
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
For question 1, step by step is here:
http://www.adminhorror.com/2011/10/enable-tls-11-and-tls-12-on-windows_1853.html
For question 2, if you don't have recursion disabled, disable it!
http://www.adminhorror.com/2011/10/enable-tls-11-and-tls-12-on-windows_1853.html
For question 2, if you don't have recursion disabled, disable it!
Premium Content
You need an Expert Office subscription to comment.Start Free Trial