Test ID:	1.3.6.1.4.1.25623.1.0.10539
Category:	General
Title:	Useable remote name server
Summary:	NOSUMMARY
Description:	Description: The remote name server allows recursive queries to be performed by the host running nessusd. If this is your internal nameserver, then forget this warning. If you are probing a remote nameserver, then it allows anyone to use it to resolve third parties names (such as www.nessus.org). This allows hackers to do cache poisoning attacks against this nameserver. If the host allows these recursive queries via UDP, then the host can be used to 'bounce' Denial of Service attacks against another network or system. See also : http://www.cert.org/advisories/CA-1997-22.html Solution : Restrict recursive queries to the hosts that should use this nameserver (such as those of the LAN connected to it). If you are using bind 8, you can do this by using the instruction 'allow-recursion' in the 'options' section of your named.conf If you are using bind 9, you can define a grouping of internal addresses using the 'acl' command Then, within the options block, you can explicitly state: 'allow-recursion { hosts_defined_in_acl }' For more info on Bind 9 administration (to include recursion), see: http://www.nominum.com/content/documents/bind9arm.pdf If you are using another name server, consult its documentation. Risk factor : High
Cross-Ref:	BugTraq ID: 136 BugTraq ID: 678 Common Vulnerability Exposure (CVE) ID: CVE-1999-0024 Cert/CC Advisory: CA-97.22.bind https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0024 NAI Labs Security Advisory: NAI-11 XForce ISS Database: bind
Copyright	This script is Copyright (C) 2000 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.