|
Hi, can someone either confirm or set me straight on this one…
We have “Secure Cache Against Pollution” enabled on our Win2K SP4 DNS servers. However, our Retina scans were still showing that the servers were vulnerable to that type of compromise. One of the other folks here researched it and found that we first have to create a reg entry in the path HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters called SecureResponses. Then make the Value 1.
Is that valid (that we need to do that on each DNS server) or did we misunderstand something?
Thanks!
Mark Creamer
|
- RE: [ActiveDir] DNS Registry entry Creamer, Mark
