| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-259353 | CAT II | MONT-DC-003 | Microsoft Windows Server Domain Name Sys... | In a split DNS configuration between the external ... | Documented Pending Review | |||
Check Text: Consult with the system administrator to review the external Windows DNS Server's DOD approved firewall policy. The inbound TCP and UDP ports 53 rule should be configured to only restrict IP addresses from the internal network. If the DOD-approved firewall policy is not configured with the restriction, consult with the network firewall administrator to confirm the restriction on the network firewall. If neither the DNS server's DOD approved firewall policy nor the network firewall is configured to block internal hosts from querying the external DNS server, this is a finding.
Fix Text: Configure the external DNS server's firewall policy, or the network firewall, to block queries from internal hosts.
Comments: Need to check with HBSS
Source: _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_WinServerDNS_V2R3_20251023-172313.ckl
Scan Date: 2026-01-14T12:57:38.179760
Technology Area: Domain Name System