DNS Client Service Security Concerns
As discussed in my previous post about failure of DNS Client Service failure leading to a failure of ipconfig /flushdns
Some security experts believe that it is better to turn off DNS Client service because it is useless and dangerous. However I would recommend it is better to leave it turned on and make sure you have installed the latest Windows updates.
The DNS Client is not required to use the internet. The big advantage it brings to your internet surfing is to speed up the process of name resolution and this in turn improves your internet experience.
You would already know the purpose of DNS Caching. So how does DNS Client improve your internet experience? The most basic way it does this is by caching domain name addresses and prevent calls to DNS servers for name resolution. This service also determines if an IPv4 or IPv6 address would be more appropriate for a domain name. In an enterprise, it can also be useful in letting the network know your PC’s domain name, which can simplify finding shared resources. Though it is safe to disable this service, most users will likely end up with slower internet browsing, as well as other minor DNS related issues, so it’s best to leave this one on.
As per Microsoft Knowledge Base website, “The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated.
The DNS Client service optimizes the performance of DNS name resolution by storing previously resolved names in memory. If the DNS Client service is turned off, the computer can still resolve DNS names by using the network’s DNS servers, but in the process spend a few seconds communicating with DNS servers to get the domain name.
When the Windows resolver receives a positive or negative response to a query, it adds that positive or negative response to its cache, and as a result, creates a DNS resource record. The resolver always checks the cache before querying any DNS server. If a DNS resource record is in the cache, the resolver uses the record from the cache instead of querying a server. This behavior expedites queries and decreases network traffic for DNS queries.
How have you configured DNS Client on your machine, would you like to keep it running all the time, or do you feel you are much better with DNS Client turned Off? Do leave your feedback to this post and share your views!!!
Filed under: DNS, Domain Name, Flush DNS, Internet News | Tagged: DNS, DNS Client, Flush DNS, Flushdns
[...] Credit:DNS Client Service Security Concerns Posted in Web Hosting on Sep 25th, 2008, 5:43 am [...]
I read your posts for quite a long time and must tell that your posts are always valuable to readers.