DNS Cache Snooping vulnerability
Robert Spangler
mlists at zoominternet.net
Tue Sep 9 21:41:18 UTC 2008
On Tuesday 09 September 2008 10:32, Saulo Medeiros de Araújo wrote:
> Hello to everyone!
> I am trying to solve the DNS Cache Snooping vulnerability, detected by Nessus,
> but I'm having some difficulties.
>
> I found in my searches some safer BIND configurations to prevent cache
> snooping attacks. So I've inserted the following lines in my named.conf
> file:
>
> acl "trusted" {
> 10.0.0.0/16;
> localhost;
> };
>
> And added the following lines in my named.conf.options file:
>
> allow-query { trusted; };
> allow-recursion { trusted; };
> allow-query-cache { trusted; };
>
> But I'm still getting the Nessus alert. Does anyone have any idea how to
> solve this problem?
Could it be that you are scanning from the 10.0.0.0/16 network?
If you are on the trusted network you are allowed access to everything.
--
Regards
Robert
It is not just an adventure.
It is my job!!
Linux User #296285
http://counter.li.org
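
The point raised in the reply, as an added example that is not part of the original thread: a small evaluator for the quoted `trusted` ACL that shows which scanner source addresses the `allow-query`, `allow-recursion` and `allow-query-cache` statements would still serve. The function names and the `server_addrs` default (standing in for what `localhost` resolves to on the server) are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: the ACL as quoted in the post.
NAMED_CONF = '''
acl "trusted" {
    10.0.0.0/16;
    localhost;
};
'''

def parse_acl(conf_text, name):
    """Return the elements of the named acl block, in order (hypothetical helper)."""
    m = re.search(r'acl\s+"?%s"?\s*\{(.*?)\}\s*;' % re.escape(name), conf_text, re.S)
    if not m:
        raise ValueError("acl %r not found" % name)
    body = re.sub(r'(//|#)[^\n]*', '', m.group(1))  # drop line comments
    return [e.strip() for e in body.split(';') if e.strip()]

def is_allowed(elements, source, server_addrs=("127.0.0.1", "::1")):
    """Evaluate a BIND-style address match list: the first matching element
    decides, a leading '!' turns the match into a refusal, no match refuses.
    server_addrs is an assumption standing in for the server's own addresses.
    Only any, none, localhost, IPs and CIDR prefixes are handled; anything
    else (keys, nested ACLs, localnets) raises ValueError."""
    src = ipaddress.ip_address(source)
    for element in elements:
        negated = element.startswith('!')
        token = element.lstrip('!').strip()
        if token == 'any':
            hit = True
        elif token == 'none':
            hit = False
        elif token == 'localhost':
            hit = any(src == ipaddress.ip_address(a) for a in server_addrs)
        else:
            net = ipaddress.ip_network(token, strict=False)
            hit = src.version == net.version and src in net
        if hit:
            return not negated
    return False

if __name__ == "__main__":
    acl = parse_acl(NAMED_CONF, "trusted")
    # Constructed scanner addresses: one inside 10.0.0.0/16, two outside it.
    for scanner in ("10.0.5.20", "10.1.0.1", "192.0.2.10"):
        verdict = "served (finding expected)" if is_allowed(acl, scanner) else "refused"
        print(scanner, "->", verdict)
```

A scan launched from an address the ACL serves will keep reporting the finding regardless of the ACL; rescanning from an address outside `trusted` shows what untrusted clients actually get.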