![]() |
|
Home | Forums | Gallery | Register | Video Directory | FAQ | Members List | Calendar | Games | Today's Posts | Search | Chat Room |
![]() ![]() |
|
Thread Tools | Display Modes |
#1
|
||||
|
||||
![]() TA15-240A: Controlling Outbound DNS Access
08-28-2015 10:31 AM Original release date: August 28, 2015 | Last revised: August 30, 2015 Systems Affected Networked systems Overview US-CERT has observed an increase in Domain Name System (DNS) traffic from client systems within internal networks to publically hosted DNS servers. Direct client access to Internet DNS servers, rather than controlled access through enterprise DNS servers, can expose an organization to unnecessary security risks and system inefficiencies. This Alert provides recommendations for improving security related to outbound DNS queries and responses. Description Client systems and applications may be configured to send DNS requests to servers other than authorized enterprise DNS caching name servers (also called resolving, forwarding or recursive name servers). This type of configuration poses a security risk and may introduce inefficiencies to an organization. ** Impact Unless managed by perimeter technical solutions, client systems and applications may connect to systems outside the enterprise’s administrative control for DNS resolution. Internal enterprise systems should only be permitted to initiate requests to and receive responses from approved enterprise DNS caching name servers. Permitting client systems and applications to connect directly to Internet DNS infrastructure introduces risks and inefficiencies to the organization, which include:
Implement the recommendations below to provide a more secure and efficient DNS infrastructure. Please note that these recommendations focus on improving the security of outbound DNS query or responses and do not encompass all DNS security best practices. *
Revision History
More... |
Sponsored Links |
|