this post was submitted on 04 May 2024
21 points (92.0% liked)

Pulse of Truth

1222 readers
52 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
krogoth
21
Microsoft plans to lock down Windows DNS like never before. Here’s how. (arstechnica.com)
submitted 1 year ago by Zotora@programming.dev to c/pulse_of_truth
2 comments fedilink hide all child comments
all 3 comments
sorted by: hot top controversial new old
[–] SmoothLiquidation@lemmy.world 5 points 1 year ago (1 children)

This sounds like a pain in the ass to maintain. Either you are trusting Microsoft to give you a whitelist of “good” domains or you have the IT department having to jump to action every time a user tries to connect to a new site. If you are just using it to track dns queries then you have to trust that the whole software suite of the organization is playing nice and not using any hard-coded IP addresses or doing any dns lookups in a bad way, which with custom legacy software, good luck.

Also, is this just a server change, or will all the client boxes have to be updated for this? That will be a pain in any network with a mix of OSes on it.

[–] alex_02 1 points 1 year ago

It probably won't be used in the majority of environments because it would be an administration nightmare.