Re: Help DNS cache poisoning
From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 09/30/04
- Next message: River_Rat: "Re: Virus prob need HELP please"
- Previous message: David H. Lipman: "Re: backdoor trojan in windows XP"
- In reply to: anonymous_at_discussions.microsoft.com: "Re: Help DNS cache poisoning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Sep 2004 22:09:07 -0400
anonymous@discussions.microsoft.com wrote:
>> -----Original Message-----
>> Tony wrote:
>>> We are running a WIN2K server with DNS that was exploited
>>> with DNS cache poisoning. It was trying to redirect our
>>> email to another server. We found what appeared to be a
>>> fix in the MS knowledgebase article 241352.
>> <snip
>>>
>>> When we checked this on the server there was no value in
>>> the registry, but when going through the gui the Secure
>>> cache against pollution box was checked.
>>> Should there also be a registry setting when this check
>>> box is enabled?
>>> Any ideas how this server could get exploited with this
>>> setting enabled?
>>
>> What inbound ports are open in your firewall?
>>>
>>> ANy assistance would be greatly appreciated.
>>
>> open ports are 25 (SMTP) and 23 (Telnet). This server resides on the
>> DMZ. .
Are you using forwarders, or relying on root hints?
- Next message: River_Rat: "Re: Virus prob need HELP please"
- Previous message: David H. Lipman: "Re: backdoor trojan in windows XP"
- In reply to: anonymous_at_discussions.microsoft.com: "Re: Help DNS cache poisoning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
