Re: Help DNS cache poisoning
From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 09/29/04
- Previous message: Br0wnbear: "Re: BACKDOOR.SDBOOT - Virus"
- In reply to: Tony: "Help DNS cache poisoning"
- Next in thread: anonymous_at_discussions.microsoft.com: "Re: Help DNS cache poisoning"
- Reply: anonymous_at_discussions.microsoft.com: "Re: Help DNS cache poisoning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Sep 2004 11:34:26 -0400
Tony wrote:
> We are running a WIN2K server with DNS that was exploited
> with DNS cache poisoning. It was trying to redirect our
> email to another server. We found what appeared to be a
> fix in the MS knowledgebase article 241352.
<snip
>
> When we checked this on the server there was no value in
> the registry, but when going through the gui the Secure
> cache against pollution box was checked.
> Should there also be a registry setting when this check
> box is enabled?
> Any ideas how this server could get exploited with this
> setting enabled?
What inbound ports are open in your firewall?
>
> ANy assistance would be greatly appreciated.
- Previous message: Br0wnbear: "Re: BACKDOOR.SDBOOT - Virus"
- In reply to: Tony: "Help DNS cache poisoning"
- Next in thread: anonymous_at_discussions.microsoft.com: "Re: Help DNS cache poisoning"
- Reply: anonymous_at_discussions.microsoft.com: "Re: Help DNS cache poisoning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
