DNSmasq - DNS poisoning
Enviado: Sáb Jul 26, 2008 10:02 pm
There has been a lot of talk recently about DNS poisoning. According to US-CERT we are vulnerable but simon at thekelleys.org.uk is not sure.
http://it.slashdot.org/article.pl?sid=08/07/21/2212227
http://it.slashdot.org/article.pl?sid=08/07/25/1334254
US-CERT Vulnerability Note VU#800113
http://www.kb.cert.org/vuls/id/800113
dnsmasq Vulnerable 11-Jul-2008
DNSmasq people have a fix in version 2.43
http://lists.thekelleys.org.uk/pipermai ... 02183.html
http://it.slashdot.org/article.pl?sid=08/07/21/2212227
http://it.slashdot.org/article.pl?sid=08/07/25/1334254
US-CERT Vulnerability Note VU#800113
http://www.kb.cert.org/vuls/id/800113
dnsmasq Vulnerable 11-Jul-2008
DNSmasq people have a fix in version 2.43
http://lists.thekelleys.org.uk/pipermai ... 02183.html
Implement random source ports for interactions with
upstream nameservers. New spoofing attacks have been found
against nameservers which do not do this, though it is not
clear if dnsmasq is vulnerable, since to doesn't implement
recursion. By default dnsmasq will now use a different
source port (and socket) for each query it sends
upstream.