Multicast DNS (mDNS)
Vulnerable computer systems and applications:
Poorly configured systems that use DNS services (routers, printers, online storage (NAS), Windows, and Linux operating systems).
The multicast DNS (mDNS) protocol is used to automatically discover devices and services on a local network. It allows devices to easily detect one another and exchange information about the devices and services available. Sometimes, an mDNS server responds to individual (unicast) requests sent from an external network to the local network. Such a response may disclose too much information about the devices on the network. Furthermore, the amount of information returned is sufficient to carry out a Denial of Service attack against other users on the Internet.
- Block access to and from the local network on UDP port 5353;
- Disable the mDNS service when it is not in use.
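To confirm that the block on UDP port 5353 works, send one unicast DNS-SD query to one of your own hosts from a machine outside the local network and see whether it answers. The script below is an added example, not part of the original advisory; the function names and the documentation address 192.0.2.10 are assumptions.

```python
import socket
import struct

MDNS_PORT = 5353
SERVICE_ENUM = "_services._dns-sd._udp.local"  # DNS-SD service enumeration name (RFC 6763)

def encode_name(name):
    """Encode a dotted name as DNS length-prefixed labels."""
    out = b""
    for label in name.strip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name=SERVICE_ENUM, txid=0x1234):
    """One-question PTR/IN query: 12-byte header + QNAME + QTYPE + QCLASS."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 12, 1)

def parse_header(packet):
    """Return (is_response, answer_count), or None if too short to be DNS."""
    if len(packet) < 12:
        return None
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    return bool(flags & 0x8000), ancount

def check_host(host, timeout=2.0):
    """Send one unicast query to host:5353 and report whether it answers."""
    query = build_query()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(query, (host, MDNS_PORT))
            reply, _addr = sock.recvfrom(9000)
        except OSError:  # timeout, unreachable or refused: nothing came back
            return {"host": host, "exposed": False}
    parsed = parse_header(reply)
    exposed = bool(parsed and parsed[0])
    return {"host": host, "exposed": exposed,
            "answers": parsed[1] if parsed else 0, "reply_bytes": len(reply)}

if __name__ == "__main__":
    # 192.0.2.10 is a documentation address (RFC 5737); replace it with your own host.
    print(check_host("192.0.2.10"))
```

A result of `exposed: True` means the host answered a unicast query from your vantage point, so the perimeter block or the service setting still needs attention.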