none
How to test "Secure Cache Against Pollution" in DNS? RRS feed

  • Question

  • Hi,

    I want to test how does Secure Cache Against Pollution work in real (or in practice). How can I do that? Any help would be appreciated.

    Thanks 


    Monday, April 1, 2019 6:02 PM

Answers

  • Hi,

    You need to hijack the DNS response and modify it during the DNS lookup process.

    Exactly, I don't know how to do this because it is more like hacking.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, April 3, 2019 7:34 AM
    Moderator

All replies

  • Hi,

    When the setting is enabled, the server caches only those records with a name that corresponds to the domain for which the original queried name was made. Any referrals received from another DNS server along with a query response are simply discarded.

    For example, if a query is originally made for example.microsoft.com, and a referral answer provides a record for a name outside the microsoft.com domain name tree (such as msn.com), that name is discarded if the Secure Cache Against Pollution option is enabled. This setting helps prevent unauthorized computers from impersonating another network server.

    You can disable the setting, and resolve any unknown external domain names. After a period of time ,you can check the DNS cache by using command ipconfig /displaydns

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, April 2, 2019 6:07 AM
    Moderator
  • I don't understand. Can you tell me to do that step by step, please? Thanks
    Tuesday, April 2, 2019 8:30 AM
  • Hi,

    You need to hijack the DNS response and modify it during the DNS lookup process.

    Exactly, I don't know how to do this because it is more like hacking.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, April 3, 2019 7:34 AM
    Moderator