Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DNS cache poisoning?

from [chad] Network Security [Permanent Link]
Subject: Re: DNS cache poisoning?
Date: Tue, 16 Aug 2005 21:52:49 -0400 
Willard,

    Your first step should be to remove your DNS services 
from that WinNT box to something that is less vulnerable and 
start using a BIND based DNS solution. Any Linux/Unix type 
platform will work. If you look in your WinNT\System32\dns 
directory you will find the actual DNS zone files. You may 
find the cause of the DNS error has been saved there, or it 
may be caused over the network and affecting your cache.

    If you have been a victim of DNS Cache poisoning, it 
comes off of the predictability of the Query ID generated by 
your system. Upgrading to a BIND 9 nameserver can help in 
this case, plus add in numerous other security features in 
your DNS infrastructure. The fact that the error point to 
networksolutions.com means nothing... other than whoever is 
causing your headaches wants you to blame networksolutions.

If you need help setting up your nameserver on BIND 9, check 
out the DNS & BIND 4th Ed by Cricket Liu (for long 
answers/explanations) or the DNS Cookbook by Cricket Liu 
(for shorter answers/explanations). Feel free to drop me a 
line on the side if you need more help getting BIND 9 
installed and running or help with some of the security 
features.

Good luck,
Chad
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: New Virus?, James C Slora Jr
Next by Date:  Re: DNS cache poisoning?, Willard Van Dyne
Previous by Thread:  RE: DNS cache poisoning?, James C Slora Jr
Next by Thread:  Re: DNS cache poisoning?, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Indexes:  [Date] [Thread] [Top] [All Lists]