Turning Off DNS Cache & Flush?

DasFox · May 9, 2011

I was wondering, is there any security benefits to be gained by turning off the DNS cache?

Also when changing the Pri & Sec dns in the adapters and then flushing the dns, is just flushing the dns good enough, or should you also reboot to make sure the changes in the adapters have taken place properly?

THANKS

J_L · May 9, 2011

None, unless you mean privacy.

DasFox · May 9, 2011

J_L said:

None, unless you mean privacy.
Click to expand...

Yes of course I mean Privacy as well, this is the Privacy section of the forum...

What I don't understand, since I've not dug much into all this dns stuff is that I just visit a few sites then run; ipconfig /displaydns and I see many dns entries, way more then the sites I visited and some really odd names too...

So what is with all the strange names for dns that showup, that you've never visited before, could this be a type of dns poison?

THANKS

CloneRanger · May 9, 2011

I don't have DNS Cache

If you want to disable it.

Go to Administrative Tools/Services/DNS Client select Disabled

Also

This applies to XP, so you'll need to see how things may differ if you have another OS.

You "might" want to look at changing the settings for both Pos & Neg

Adjust Windows XP DNS Cache Settings

The length of time for which entries (negative or positive) are stored in the cache depends on settings in the Windows registry.
Click to expand...

Plus

Preventing the Resolver from accepting responses from nonqueried servers

By default, the resolver accepts responses even from servers it did not query. This could present a possible security liability, as an unauthorized DNS server might pass along invalid resource records to misdirect DNS queries. This can be avoided by adding a DWORD value named QueryIpMatching with a value of 1 to the following location in the registry: HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Tcpip \ Parameters.

Note: Previously many documents including VU#458659, ISS X-Force#4280, and DNS white papers from Microsoft indicated that the registry location for QueryIpMatching is HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Dnscache \ Parameters. But several people have found in testing that the correct location for this entry should be HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Tcpip \ Parameters which is also described in Microsoft Windows 2000 TCP/IP Implementation Details.

http://www.helpwithwindows.com/WindowsXP/tune-24.html
Click to expand...

DasFox · May 9, 2011

CloneRanger said:

I don't have DNS Cache

View attachment 226947

If you want to disable it.

Go to Administrative Tools/Services/DNS Client select Disabled

Also

This applies to XP, so you'll need to see how things may differ if you have another OS.

You "might" want to look at changing the settings for both Pos & Neg

Plus
Click to expand...

I guess what I'm trying to say is, if we block these DNS requests, disable the cache, then are we making for a more strong/secure scenario on a computer, not a server?

Or for the computer user, having these DNS entries in the cache, poses no security threat? It more a matter of privacy if someone wants to look at the dns list?

THANKS

Log in or Sign up

Turning Off DNS Cache & Flush?

DasFox Registered Member

J_L Registered Member

DasFox Registered Member

CloneRanger Registered Member

DasFox Registered Member

Log in or Sign up

Turning Off DNS Cache & Flush?

DasFox Registered Member

J_L Registered Member

DasFox Registered Member

CloneRanger Registered Member

DasFox Registered Member

Useful Searches