Re: Help DNS cache poisoning
anonymous_at_discussions.microsoft.com
Date: 09/29/04
- Next message: Saga: "Recommendation to eliminate this..."
- Previous message: Dan: "Re: BACKDOOR.SDBOOT - Virus"
- In reply to: Lanwench [MVP - Exchange]: "Re: Help DNS cache poisoning"
- Next in thread: Lanwench [MVP - Exchange]: "Re: Help DNS cache poisoning"
- Reply: Lanwench [MVP - Exchange]: "Re: Help DNS cache poisoning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Sep 2004 09:56:59 -0700
>-----Original Message-----
>Tony wrote:
>> We are running a WIN2K server with DNS that was
exploited
>> with DNS cache poisoning. It was trying to redirect our
>> email to another server. We found what appeared to be a
>> fix in the MS knowledgebase article 241352.
><snip
>>
>> When we checked this on the server there was no value in
>> the registry, but when going through the gui the Secure
>> cache against pollution box was checked.
>> Should there also be a registry setting when this check
>> box is enabled?
>> Any ideas how this server could get exploited with this
>> setting enabled?
>
>What inbound ports are open in your firewall?
>>
>> ANy assistance would be greatly appreciated.
>
>open ports are 25 (SMTP) and 23 (Telnet). This server
resides on the DMZ.
>.
>
- Next message: Saga: "Recommendation to eliminate this..."
- Previous message: Dan: "Re: BACKDOOR.SDBOOT - Virus"
- In reply to: Lanwench [MVP - Exchange]: "Re: Help DNS cache poisoning"
- Next in thread: Lanwench [MVP - Exchange]: "Re: Help DNS cache poisoning"
- Reply: Lanwench [MVP - Exchange]: "Re: Help DNS cache poisoning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
