Sunday, July 15, 2007

DNS Vulnerability

Possible DNS vulnerability on SBS2003 server as per the Microsoft article :

http://www.microsoft.com/technet/security/advisory/935964.mspx

The simple fix for the time being is :

1.

On the start menu click 'Run' and then type 'Regedit' and then press enter.

2.

Navigate to the following registry location:
“HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters”

3.

On the 'Edit' menu select 'New' and then click 'DWORD Value'

4.

Where 'New Value #1' is highlighted type 'RpcProtocol' for the name of the value and then press enter.

5.

Double click on the newly created value and change the value's data to '4' (without the quotes).

6.

Restart the DNS service for the change to take effect.