2023-03-16 17:34:50 +00:00
id : configure-dns-server
info :
2023-07-06 06:27:03 +00:00
name : DNS Server Not Implemented - Detect
2023-03-16 17:34:50 +00:00
author : pussycat0x
severity : info
description : |
2023-07-06 06:27:03 +00:00
DNS is recommended to be configured over TLS. This prevents intermediate parties and potential attackers from viewing the content of DNS queries and can also assure that DNS is being provided by the expected DNS servers.
2023-03-16 17:34:50 +00:00
reference : |
https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
2023-05-04 15:09:54 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
2023-10-14 11:27:55 +00:00
cvss-score : 0
2023-05-04 15:09:54 +00:00
cwe-id : CWE-200
2023-03-22 19:13:05 +00:00
metadata :
verified : true
2023-03-16 17:34:50 +00:00
tags : firewall,config,audit,pfsense,file
2023-12-14 03:48:19 +00:00
2023-03-16 17:34:50 +00:00
file :
- extensions :
- xml
matchers-condition : and
matchers :
- type : word
words :
- "<dnsserver>"
negative : true
- type : word
words :
2023-03-22 19:01:22 +00:00
- "<pfsense>"
2023-03-22 19:13:05 +00:00
- "<system>"
condition : and
2023-05-04 15:09:54 +00:00
# Enhanced by md on 2023/05/04
2024-01-04 06:57:22 +00:00
# digest: 4a0a00473045022033cb74c6b00552467f5bc077d514ea4991e3a3222666f07b004e0d7bd978098f022100a10c92466915077df2b21b37b18aabc5d0122bb34af9bec017432af9736b0238:922c64590222798bb761d5b6d8e72950