- TalkBack 7 of 26:
- Next »
- « Previous
- Thread View
- Flat View
- Re: Are private DNS servers exploitable?
-
Your scenario is not exploitable with the current code, because it is not possible to directly feed requests to your internal DNS server. Your setup is actually similar to most corporate setups, just on a smaller and less complex scale.
Extensions of the current code could be made where requests weren't made directly via the metasploit framework, but where your browser/email-client/etc is forced to make a large number of requests on your behalf. This could be done by getting you to click a malicious link or by you visiting a legit but hijacked website (either XSS bug or full control).
Depending on how your NAT router is setup will depend if you are vulnerable in that case or not.
Corporations have to worry about this because there are still many, many ways to kick-off DNS requests from the inside, through email servers, database servers, web functionality, etc etc. - Posted by: natron_ Posted on: 07/24/08 You are currently: a Guest | Members login | Terms of Use
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
- Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
- Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Learn more about tools to grow your business
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Save time with the UPS Business Essentials Guide
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Achieving Cost and Resource Savings with Unified Communications
-
Find out how to maximize your communications investments with Unified Communications.
- Click to download >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer >>
-
-
Smart Tech
Expert advice on innovations in healthcare and the green technologies that make it happen.
Find out more
-
Smart Business
Discussion and advice on management issues that revolve around making your world smarter and more useful.
More Smart Advice
-
Smart People
The best and worst moves in the management and strategy trenches.
Learn More
