Registry key for "QueryIpMatching"From: Makoto Shiotsuki (firstname.lastname@example.org)
- Previous message: Laura A. Robinson: "Re: Setting Account Lockout Policies with a NT PDC"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Jul 2002 13:30:41 +0900 To: email@example.com From: Makoto Shiotsuki <firstname.lastname@example.org>
As described in the CERT Vulnerability Note VU#458659, there is
a registry entry "QueryIpMatching" to prevent W2K DNS resolver
from accepting responses from non-queried DNS servers.
Many documents including VU#458659, ISS X-Force#4280, and DNS
white papers from Microsoft indicate that the registry location
for "QueryIpMatching" is;
But as far as I and another person tried, correct location is;
This registry location (...\Tcpip\Parameters) is described in
"Microsoft Windows 2000 TCP/IP Implementation Details".
I hope this confusion will be cleared up.
CERT/CC Vulnerability Note VU#458659
ISS X-Force win2k-dns-resolver (4280)
DNS Caching, Network Prioritization, and Security
Microsoft Windows 2000 TCP/IP Implementation Details
(Thanks Noda-san for the testing ;)