[ale] DNS Cache Probing was cacheing DNS?

William Bagwell rb211 at tds.net
Thu May 10 10:27:28 EDT 2012


On Wednesday 09 May 2012, John Heim wrote:
(snips)
> http://dns.measurement-factory.com/cgi-bin/openresolvercheck.pl says
> I'm running an open resolver.

Have a similar problem to John, likely for a very different reason. I am 
trying to pass a PCI (Credit card merchant) compliance scan of my home 
computer and failing on *one* single point. They say I'm running a DNS 
server that is allowing "DNS Cache Probing".  I'm not, my port 53 is 
closed, and I have even turned off the internal DNS cache built into my 
firewall in an attempt to pass.

It appears from the link John posted that my ISP may be intercepting these 
external DNS queries since it is they who are answering.

"184.60.162.220 [64.50.228.54]	open	2012-05-10 14:02:28"
From the notes,
"If a resolver receives and transmits on different addresses, the 
transmitting address is shown in [brackets]."

If so, I have no control over 64.50.228.54 and its open status or allowing 
cache probing. Any help on passing this compliance test 
would be appreciated.
-- 
William
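
An added example, not part of the original post: a check for the behaviour usually reported as "DNS Cache Probing", namely a server that answers a non-recursive (RD=0) query from its cache. The post does not say how the scanner tests, so this method is an assumption, and the function names and the `example.com` sample replies are constructed for illustration.

```python
import socket
import struct

def build_query(name, txid, rd=False):
    """Build an A/IN query. RD=0 asks the server to answer only from what it already holds."""
    flags = 0x0100 if rd else 0x0000
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", txid, flags, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)

def classify_response(data, txid):
    """Classify a reply to the RD=0 query from its header fields alone."""
    if len(data) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", data[:12])
    if rid != txid or not flags & 0x8000:      # wrong ID, or QR bit not set
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 5:
        return "refused"                       # server declines queries from this client
    if rcode == 0 and ancount > 0:
        # AA set: the server owns the zone. AA clear: the data came from its cache.
        return "authoritative" if flags & 0x0400 else "cache-answer"
    return "no-cache-data"                     # referral, empty answer, or other rcode

def probe(server, name, txid=0x4242, timeout=3.0):
    """Send the RD=0 query to an address you are responsible for.
    Returns (verdict, address the reply came from)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid), (server, 53))
        try:
            data, peer = s.recvfrom(4096)
        except socket.timeout:
            return "no-response", None
    return classify_response(data, txid), peer[0]

def sample_reply(txid, flags, ancount):
    """Constructed reply for offline use: echoes the question, optional A record 192.0.2.1."""
    question = build_query("example.com", txid)[12:]
    rr = b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    return struct.pack("!6H", txid, flags, 1, ancount, 0, 0) + question + rr * ancount
```

A verdict of `cache-answer` is the finding a scanner would flag; `refused` or `no-response` is what a host with no reachable resolver should produce when `probe` is run from outside the network.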


