ekerazha
07-02-2006, 20:30
Magari qualcuno di voi lo conosce già, ma ho trovato per caso questo articolo... e in fondo alla pagina c'è un trucchetto che secondo me potrebbe appunto proteggere Windows (Windows XP) da eventuali tentativi di attacco attraverso dns poisoning...
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/windows/xp/all/reskit/en-us/prjj_ipa_vitx.asp
Preventing the Resolver from Accepting Responses from Nonqueried Servers
By default, the resolver accepts responses from servers that it did not query, as well as from those it did. This presents a possible security liability, in that unauthorized DNS servers might pass along invalid A resource records for the purpose of misdirecting subsequent DNS queries. If you want to disable this feature, add the registry entry QueryIpMatching with a value of 1 (REG_DWORD data type) to the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DnsCache\Parameters
Fatemi sapere cosa ne pensate ;)
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/windows/xp/all/reskit/en-us/prjj_ipa_vitx.asp
Preventing the Resolver from Accepting Responses from Nonqueried Servers
By default, the resolver accepts responses from servers that it did not query, as well as from those it did. This presents a possible security liability, in that unauthorized DNS servers might pass along invalid A resource records for the purpose of misdirecting subsequent DNS queries. If you want to disable this feature, add the registry entry QueryIpMatching with a value of 1 (REG_DWORD data type) to the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DnsCache\Parameters
Fatemi sapere cosa ne pensate ;)