What are the recommendations to prevent DNS cache poisoning?

Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Next Question:
How clear is DNS cache in client Machine ?
Posted by:
Abeer Pallath House
24-May-2016

DNS

Question ajoutée par Khandakar Ashfaqur Rahman , Head Of Network , Smart Network Ltd
Date de publication: 2013/08/30

Apprécier (0) Vues (5) Suiveurs (1) Réponses (1) Report Question

Ajoutez Une Réponse
Inscrivez-vous ou connectez-vous pour répondre.

1 Réponses

par Viswanadhan Punathil , Server Administrator , aforeserve.com Ltd

Keep your resolver private and protected. Protections built in to DNS software to protect against cache poisoning include adding variability to outgoing requests, to make it harder for a hacker to get a bogus response accepted. Possible ways of doing this include:

using a random source port (instead of UDP port53)
randomizing the query ID
randomizing the case of the letters of the domain names that are sent out to be resolved. (That's because name servers will treat example.com and ExaMPle.com the same when it comes to resolving the IP address, but it will reply using the same case as the original query.)

Apprécier (0)

Déprécier Réponses () Rapport