Windows 10 DNS Management



Renk
23.09.15, 13:18
Windows 10 handles DNS in a non-conventional way:


The Windows 10 DNS resolver sends DNS requests in parallel to all available network interfaces and uses the fastest reply to arrive. If you use DNS from the local network, this problem allows your ISP or a hacker with a Wi-Fi AP to hijack your DNS records even if you use a VPN.


In order to disable this "feature", use the registry editor to go to HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DNSClient and add a DWORD named DisableSmartNameResolution with any value other than zero.


https://medium.com/@ValdikSS/beware-of-windows-10-dns-resolver-and-dns-leaks-5bc5bfb4e3f1

anon
23.09.15, 17:14
I don't use Windows 10 (although apparently 8.1 is also affected by this) and don't think I will in the near future, but this is a good tip. Thanks for posting!

While you're at it, you can disable multicast DNS if you don't need it, by adding a DWORD called EnableMulticast with a value of 0. That feature is supposed to offer decentralized name resolution for .local domains on local networks only, but in practice it sometimes leaks requests for other hostnames too. If you're on a VPN, those may reach other customers on the same subnet.
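
The two registry values from the posts above can be audited and set in one pass from an elevated PowerShell prompt. This is an added example, not code from either poster; it assumes EnableMulticast belongs under the same DNSClient policy key, and it writes 1 for DisableSmartNameResolution as one choice of non-zero value.

```powershell
# Added example: audit, and with -Apply set, the two policy values from this thread.
# Without -Apply nothing is written; the script only reports the current state.
param([switch]$Apply)

$key = 'HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient'

# Desired state per the posts: the first value must be non-zero, the second must be 0.
# A missing value counts as non-compliant in both cases.
$wanted = @(
    @{ Name = 'DisableSmartNameResolution'; Value = 1
       Ok   = { param($v) $null -ne $v -and $v -ne 0 } },
    @{ Name = 'EnableMulticast'; Value = 0
       Ok   = { param($v) $null -ne $v -and $v -eq 0 } }
)

if (-not (Test-Path $key)) {
    if ($Apply) { New-Item -Path $key -Force | Out-Null }
    else        { Write-Warning "Policy key does not exist: $key" }
}

foreach ($w in $wanted) {
    # Returns $null when the key or the value is absent.
    $current = (Get-ItemProperty -Path $key -Name $w.Name `
                    -ErrorAction SilentlyContinue).($w.Name)
    $ok = & $w.Ok $current

    if (-not $ok -and $Apply) {
        # -Force overwrites an existing value of the same name.
        New-ItemProperty -Path $key -Name $w.Name -PropertyType DWord `
            -Value $w.Value -Force | Out-Null
        $current = $w.Value
        $ok = $true
    }

    [pscustomobject]@{
        Name      = $w.Name
        Current   = if ($null -eq $current) { '(not set)' } else { $current }
        Compliant = $ok
    }
}
```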