|
|
|
If an attacker sends valid HTTP requests with false IP addresses to a web server, the Web Agent would try to resolve the IP addresses to fully qualified domain names. If the volume of HTTP requests were large enough, a denial-of-service condition could affect the Web Agent and possibly the DNS servers. The following parameter controls whether the Web Agent performs DNS lookups:
Prevents the Web Agent from performing DNS lookups.
To help prevent DNS DOS attacks, set the value of the DisableDNSLookups parameter to yes.
Important! Fully qualified domain names must be used for cookie-based functions to work properly when the value of this parameter is set to yes.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |