[Current] DNS Poisoning on Microsoft
James Bruce
jbruce at unitedscience.com
Thu Apr 7 14:00:26 GMT 2005
Hey Allen, Glenn,
Please read the latest handlers diary at sans.
http://isc.sans.org/
-How to prevent DNS cache pollution
http://support.microsoft.com/default.aspx?scid=kb;en-us;241352
By default, on Windows 2000 Service Pack 1 (SP1) and Windows 2000
Service Pack 2 (SP2), this key does not exist and non-secure data is not
eliminated from responses. Although DNS cache pollution protection is
enabled by default in Windows 2000 SP3 and later, the registry key does
not exist and is not needed. The only reason to create this registry key
is to disable DNS cache pollution protection. For more information about
DNS cache pollution protection, click the following article number to
view the article in the Microsoft Knowledge Base:
-----Original Message-----
From: current-bounces at dshield.org [mailto:current-bounces at dshield.org]
On Behalf Of Allen McRay
Sent: Wednesday, April 06, 2005 9:57 AM
To: Discuss current INFOSEC events.
Subject: RE: [Current] DNS Poisoning on Microsoft
Same here Glenn, 5 machines, all required the manual addition.... fwiw
Allen
-----Original Message-----
From: current-bounces at dshield.org [mailto:current-bounces at dshield.org]On
Behalf Of GYamamoto at warrenshepell.com
Sent: Wednesday, April 06, 2005 9:25 AM
To: current at dshield.org
Subject: [Current] DNS Poisoning on Microsoft
According to your notes this morning, Microsoft is patched with SP3 for
Windows 2000 server with DNS. I found that I still had to add the value
to
the registry following the link I found on their site.
Glenn
_______________________________________________
Current mailing list
Current at dshield.org
http://www.dshield.org/mailman/listinfo/current
More information about the Current
mailing list