Home » Windows 7

DNSSEC support for Windows Server 2008 R2 and Windows 7

4 January 2009 No Comment

One of the novelties of Windows 7 and Windows Server 2008 R2 (the "7 Windows Server") is the support for DNS Security Extensions (DNSSEC), as described in RFC 4033, 4034 and 4035. This support will be present both in the DNS server for Windows Server 2008 R2 as the client (DNS stub solving) present in both these versions of Windows.

The DNSSEC allows both servers as customers can validate the responses received in their queries to DNS. The validation prevents attacks in many cases of forgery of DNS records, such as cache poisoning, and are the definitive answer to vulnerabilities such as flaw discovered last year by Dan Kaminski and patched in bulletin MS08-037.

[Please note that DNSSEC is not a protection against other types of attacks, especially those where the server or the client have been committed mainly by malware. Here in Brazil we had in the media assertions about DNSSEC improving security in banking transactions made via the Internet, which is highly questionable (to say the least) given the way the frauds are currently made in the country.]

Source- MS security brazil team blog

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.