[dns-operations] Client Side Issues
Jon.Kibler at aset.com
Fri Jul 25 14:45:54 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Okay, we have been flogging DNS *SERVER* issues to death for the last
couple of weeks. Now, I would like to switch sides and talk about client
By default, all windows systems run a service call DNS Client. It is my
understanding that this is a caching resolver. Is this vulnerable? Has
Microsoft patched it? (I have never seen a need for this service, so for
a couple of years now, I have been advising my clients to disable this
service via a group policy.)
I have never really spent any time looking at the BIND light weight
resolver. Is is similar to the Windows DNS Client software? Are there
vulnerability issues with it?
I guess these questions really should be more general: What are the
client side issues to with this vulnerability, what should be done about
them, and are all the client side resolvers patched? ETCETERA.
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
More information about the dns-operations