[Current] DNS Poisoning on Microsoft

James Bruce jbruce at unitedscience.com
Thu Apr 7 14:00:26 GMT 2005


Hey Allen, Glenn,

Please read the latest handlers diary at sans.
http://isc.sans.org/

-How to prevent DNS cache pollution
http://support.microsoft.com/default.aspx?scid=kb;en-us;241352

By default, on Windows 2000 Service Pack 1 (SP1) and Windows 2000
Service Pack 2 (SP2), this key does not exist and non-secure data is not
eliminated from responses. Although DNS cache pollution protection is
enabled by default in Windows 2000 SP3 and later, the registry key does
not exist and is not needed. The only reason to create this registry key
is to disable DNS cache pollution protection. For more information about
DNS cache pollution protection, click the following article number to
view the article in the Microsoft Knowledge Base:


-----Original Message-----
From: current-bounces at dshield.org [mailto:current-bounces at dshield.org]
On Behalf Of Allen McRay
Sent: Wednesday, April 06, 2005 9:57 AM
To: Discuss current INFOSEC events.
Subject: RE: [Current] DNS Poisoning on Microsoft

Same here Glenn, 5 machines, all required the manual addition....  fwiw

Allen


-----Original Message-----
From: current-bounces at dshield.org [mailto:current-bounces at dshield.org]On
Behalf Of GYamamoto at warrenshepell.com
Sent: Wednesday, April 06, 2005 9:25 AM
To: current at dshield.org
Subject: [Current] DNS Poisoning on Microsoft



According to your notes this morning, Microsoft is patched with SP3 for
Windows 2000 server with DNS.  I found that I still had to add the value
to
the registry following the link I found on their site.

Glenn

_______________________________________________
Current mailing list
Current at dshield.org
http://www.dshield.org/mailman/listinfo/current



More information about the Current mailing list