Explore the concept of the DNS socket pool. This allows the ability to help secure DNS by randomizing a communication port when issuing DNS queries.
- [Narrator] Another feature we can use to help secure DNS…is something called the DNS socket pool.…Now, the DNS socket pool enables a DNS server…to use source port randomization when issuing DNS queries.…When the DNS service starts,…the server chooses a source port form a pool of sockets…that are available for issuing queries.…Instead of using a predictable source port,…the DNS server uses a random port number…that it selects from the DNS socket pool.…
Now, this is what makes cash tampering attacks…much more difficult, because a malicious user…must correctly guess both the source port of the DNS query…and a random transaction ID to successfully run the attack.…Now, this pool is enabled by default in Windows Server 2019…and it's actually set to a pool size of 2500,…but it is modifiable.…There is a command that you can use from the command line.…Okay, so it's dnscmd/Config/SocketPoolSize…and then you can enter a value anywhere from zero to 10,000.…
So again, 2500 is the default,…but keep in mind the larger the value,…
Author
Ed Liberman
Released
2/5/2019- What is Dynamic Host Configuration Protocol (DHCP)?
- Setting up DHCP
- Securing and troubleshooting DHCP
- Configuring a DHCP relay agent
- Deploying Domain Name System (DNS)
- Creating stub zones and reverse lookup zones
- Testing queries
- DNS security
Skill Level Beginner
Duration
Views
-
Introduction
-
Course organization1m 40s
-
1. Dynamic Host Configuration Protocol (DHCP) Overview
-
What is DHCP?2m 14s
-
Lease generation3m 29s
-
Lease renewal3m 38s
-
-
2. Setting Up DHCP
-
Install the DHCP server role3m 54s
-
Authorize a DHCP server3m 42s
-
Create DHCP scopes5m 8s
-
Configure DHCP options3m 33s
-
Activate a scope3m 7s
-
Configure DHCP clients6m 3s
-
Configure DHCP reservations5m 13s
-
-
3. Managing DHCP
-
Reconcile DHCP scopes2m 36s
-
Database statistics3m 28s
-
Secure DHCP5m 39s
-
Troubleshoot DHCP3m 55s
-
4. DHCP Advanced Features
-
Configure DHCP failover5m 9s
-
Manage DHCP failover4m 2s
-
DHCP in a routed environment2m 26s
-
Configure a DHCP relay agent4m 22s
-
Test relay agent3m 36s
-
-
5. Deploying DNS (Domain Name System)
-
DNS client configuration3m 59s
-
6. DNS Zones
-
Configure zone transfers4m 43s
-
Create reverse lookup zones2m 40s
-
7. DNS Resource Record Types
-
Alias (CNAME) record3m 2s
-
Mail exchanger (MX) record3m 28s
-
8. Name Resoution
-
DNS queries4m 10s
-
Testing queries2m 12s
-
DNS cache3m 19s
-
Forwarding2m 31s
-
Conditional forwarding3m 28s
-
Caching only DNS servers3m 26s
-
-
9. DNS Security
-
DNS cache locking2m 32s
-
DNS socket pool1m 18s
-
-
Conclusion
-
Next steps19s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: DNS socket pool