Vulnerability Scanner Finding
Received the following finding from security scanner. The server is a domain controller with Active Directory. Is there a fix?

The remote name resolver (or the server it uses upstream) may be vulnerable to DNS cache poisoning. The remote DNS resolver does not use random ports when making queries to third party DNS servers.

Thank you.
September 1st, 2012 12:34pm

Hello,

Please post some topology information, there is not even an indication of your OS! What scanner did you run? Hotfixes address all of these issues. Ref the AD domain controller: the question here is whether it's up to date on hotfixes and whether it's exposed to the Internet, either directly or through port forwarding. I would apply all updates and re-run the scanner.

http://msmvps.com/blogs/acefekay/archive/2009/09/03/the-dns-cache-poisoning-vulnerability-microsoft-kb953230-patch-and-ports-reservation-explained.aspx
http://technet.microsoft.com/en-us/security/bulletin/ms08-037
http://www.cert.org/archive/pdf/dns.pdf

Miguel Fra | Falcon IT Services, Miami, FL www.falconitservices.com | www.falconits.com | Blog
September 1st, 2012 12:56pm
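
An added example, not part of the original thread or any scanner's code: a sketch of the check behind this finding, classifying the UDP source ports seen on a resolver's outbound queries (for instance from a packet capture taken after patching). The function names, thresholds and sample ports are constructed assumptions.

```python
import statistics

# Thresholds below are assumptions for this example, not taken from any scanner.
MIN_SAMPLES = 10      # fewer observations than this says little about randomness
MAX_STEP = 16         # deltas this small between queries look like a counter
MIN_STDEV = 1000.0    # spread below this means a very narrow port window


def classify_source_ports(ports):
    """Classify UDP source ports seen on a resolver's outbound queries.

    Returns (verdict, distinct_count, stdev); verdict is one of
    'static', 'incremental', 'narrow' or 'randomized'.
    """
    if len(ports) < MIN_SAMPLES:
        raise ValueError(f"need at least {MIN_SAMPLES} samples, got {len(ports)}")
    if any(not 0 < p < 65536 for p in ports):
        raise ValueError("port out of range")
    distinct = len(set(ports))
    stdev = statistics.pstdev(ports)
    if distinct == 1:
        return "static", distinct, stdev
    # Differences modulo 2**16 so a counter that wraps is still recognised.
    deltas = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    if all(0 < d <= MAX_STEP for d in deltas):
        return "incremental", distinct, stdev
    if stdev < MIN_STDEV:
        return "narrow", distinct, stdev
    return "randomized", distinct, stdev


def is_predictable(ports):
    """True when the pattern matches what the scanner finding describes."""
    return classify_source_ports(ports)[0] != "randomized"


# Constructed samples (not real captures), in the order the queries were sent.
SAMPLES = {
    "static": [53] * 12,
    "incremental": [1025 + i for i in range(12)],
    "narrow": [40000, 40005, 40001, 40007, 40002, 40006,
               40003, 40004, 40009, 40008],
    "randomized": [51234, 64011, 49877, 60312, 55190, 62745,
                   50023, 58466, 53781, 65102, 57329, 49301],
}

if __name__ == "__main__":
    for name, ports in SAMPLES.items():
        verdict, distinct, stdev = classify_source_ports(ports)
        print(f"{name:12} verdict={verdict:12} distinct={distinct:3} stdev={stdev:8.1f}")
```

A resolver behind a NAT device that rewrites source ports can show a predictable pattern on the wire even when the server itself randomizes, so capture on both sides of the device when the verdicts disagree.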

This topic is archived. No further replies will be accepted.
