[dns-operations] Client Side Issues
Jon Kibler
Jon.Kibler at aset.com
Fri Jul 25 14:45:54 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
All,
Okay, we have been flogging DNS *SERVER* issues to death for the last
couple of weeks. Now, I would like to switch sides and talk about client
side issues.
By default, all windows systems run a service call DNS Client. It is my
understanding that this is a caching resolver. Is this vulnerable? Has
Microsoft patched it? (I have never seen a need for this service, so for
a couple of years now, I have been advising my clients to disable this
service via a group policy.)
I have never really spent any time looking at the BIND light weight
resolver. Is is similar to the Windows DNS Client software? Are there
vulnerability issues with it?
I guess these questions really should be more general: What are the
client side issues to with this vulnerability, what should be done about
them, and are all the client side resolvers patched? ETCETERA.
Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkiJ5yIACgkQUVxQRc85QlPF5QCfZdwe2uxw2lY5j7ByuojPI8xO
xe4AniYUg76l8jUcaJThHfyemBBvm2fr
=C+ix
-----END PGP SIGNATURE-----
==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
More information about the dns-operations
mailing list