Bayt.com

Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

What are the recommendations to prevent DNS cache poisoning?

DNS
user-image
Question added by Khandakar Ashfaqur Rahman , Head Of Network , Smart Network Ltd
Date Posted: 2013/08/30
Upvote (0) Views (5) Followers (1) Answers (1) Report Question
Write an Answer
Register now or log in to answer.
Viswanadhan Punathil
by Viswanadhan Punathil , Server Administrator , aforeserve.com Ltd

Keep your resolver private and protected. Protections built in to DNS software to protect against cache poisoning include adding variability to outgoing requests, to make it harder for a hacker to get a bogus response accepted. Possible ways of doing this include:

  • using a random source port (instead of UDP port53)
  • randomizing the query ID
  • randomizing the case of the letters of the domain names that are sent out to be resolved. (That's because name servers will treat example.com and ExaMPle.com the same when it comes to resolving the IP address, but it will reply using the same case as the original query.)

Write Your Answer
More Questions Like This

Do you need help in adding the right keywords to your CV? Let our CV writing experts help you.

Get Help