USNS MONTFORD POINT - Findings

Showing 1 unique vulnerabilities (1 total) (filtered) View Documentation Status (90 tracked)

V-259417 CAT II Windows DNS response rate limiting (RRL) must be enabled.

1 asset 1 Open Microsoft Windows Se...

Hostname	IP Address	Status	Assigned To	Last Scan	Actions
MONT-DC-003	164.231.187.34			2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServerDNS_Checks) found this to be OPEN on 10/23/2025 ResultHash: 0B575F416B20B37BBFDE2A14E481ED5B2F0C8C53 ~~~~~ Mode: Disable Comments

Check Text

As an administrator, run PowerShell and enter the following command: "Get-DnsServerResponseRateLimiting". If "Mode" is not set to "Enable", this is a finding.

Fix Text

As an administrator, run PowerShell and enter the command "Set-DnsServerResponseRateLimiting" to apply default values or "Set-DnsServerResponseRateLimiting -WindowInSec 7 -LeakRate 4 -TruncateRate 3 -ErrorsPerSec 8 -ResponsesPerSec 8". These settings are just an example. For more information, go to: https://learn.microsoft.com/en-us/powershell/module/dnsserver/set-dnsserverresponseratelimiting?view=windowsserver2022-ps

Finding Details

Comments

Check Text

Fix Text