Monday, April 16, 2007

SANS isc:Update on Microsoft DNS vulnerability

From The Internet Storm Center
"We received a couple of e-mails over the weekend asking us why this vulnerability was significant. Most public DNS servers should not be listening on the RPC ports, after all. Indeed, networks obliging to basic secure perimeter design would only allow port 53 UDP/TCP to the authorative DNS servers, and definitely not the additional RPC ports required for exploitation."
SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc

No comments:

Post a Comment

All comments are moderated.

Note: Only a member of this blog may post a comment.