“Secure” DNS updates is the default in Windows, but there is an option to allow “Nonsecure” updates. I have seen this changed when non-Windows DHCP servers are used (eg Access Points), this opens a network up to some pretty nifty attacks that a Metasploit module just hit the ground for.
The module was originally written by King Sabri, with many touch ups and the spoofing capability by busterbcook
This is a Security Bloggers Network syndicated blog post authored by Malicious Link. Read the original post at: Malicious Link