CCE-33193-4Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-04 |
Turn off smart multi-homed name resolution
Specifies that a multi-homed DNS client should optimize name resolution across networks. The setting improves performance by issuing parallel DNS, link local multicast name resolution (LLMNR) and NetBIOS over TCP/IP (NetBT) queries across all networks. In the event that multiple positive responses are received, the network binding order is used to determine which response to accept.
If you enable this policy setting, the DNS client will not perform any optimizations. DNS queries will be issued across all networks first. LLMNR queries will be issued if the DNS queries fail, followed by NetBT queries if LLMNR queries fail.
If you disable this policy setting, or if you do not configure this policy setting, name resolution will be optimized when issuing DNS, LLMNR and NetBT queries.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesNetworkDNS Client!Turn off smart multi-homed name resolution
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows NTDNSClient!DisableSmartNameResolution
CCSS Severity: | CCSS Metrics: |
CCSS Score : 3.7 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 1.4 | Privileges Required: NONE |
Severity: LOW | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L | Scope: UNCHANGED |
| Confidentiality: NONE |
| Integrity: NONE |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:28748 |