Fix DNS spoofing corruption
Serdar Yegulalp

Administrators of Windows 2000 DNS services sometimes report a bizarre problem where the service will resolve some domains but not others. Sometimes restarting the DNS service can stave off the problem, but it almost always comes creeping back. This often shows up if you're using the DNS server in-house for things like domain resolution for Web browsers and e-mail. The reason for this is DNS cache pollution through spoofing.

DNS spoofing takes place when non-secure data is sent in response to a DNS query, and can be used to hijack queries and redirect them to a rogue DNS server. As indicated above, they can create other problems as well.

To get rid of DNS corruption of this nature in the Windows 2000 DNS server, fire up REGEDT32 and perform the following steps:

  1. Navigate to the key HKEY_LOCAL_MACHINE\System\CurrentControl\SetServices\DNSParameters

  2. Add a DWORD with the name SecureResponses and the value 1.

  3. Quit REGEDT32 and restart DNS.

This setting insures that the data coming in will be secure.

If you are running Windows NT 4.0, you can insert the same key in the same location as well, although the name still has to be SecureResponses (one word).

Windows 2000 also allows you to do this through the DNS Management Console. Right-click on the DNS server in the left-hand side of the DNS Management

    Requires Free Membership to View

Console, select Properties, select Advanced, and check the "Secure cache against pollution" box.

Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter.

Related Book

Microsoft Windows 2000 DNS: Implementation and Administration
by Kevin Kocis
Online Price: $31.99
Publisher Name: SAMS Publishing
Date published: October 2001
This book focuses on the implementation and interoperability of Windows 2000 DNS with other current DNS architectures. Most DNS implementations are UNIX-based (BIND) and MS administrators will need to acquire stronger knowledge in this area. This book will focus on integration and less about Microsoft positioning (i.e. the shortcomings of different DNS models and how Microsoft tries to be "cutting edge".)

This was first published in December 2001

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.