DNS over TLS Server Detection

info Nessus Plugin ID 147947
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

A DNS server is listening on the remote host over TLS.

Description

The remote service is a Domain Name System (DNS) server, running over TLS, which provides a mapping between hostnames and IP addresses.

Solution

Disable this service if it is not needed or restrict access to internal hosts only if the service is available externally.

See Also

https://en.wikipedia.org/wiki/DNS_over_TLS

Plugin Details

Severity: Info

ID: 147947

File Name: dnstls_server.nasl

Version: 1.1

Type: remote

Family: DNS

Published: 3/22/2021

Updated: 3/22/2021

Dependencies: find_service.nasl

Vulnerability Information

Required KB Items: Transport/SSL/853