Watch it: Multiple DNS implementations vulnerable to cachepoisoning

[Randal, Phil]

Have you made sure that in named.conf there are no

  query-source    port 53;	
  query-source-v6 port 53;

lines?

Cheers,

Phil

--
Phil Randal
Networks Engineer
Herefordshire Council
Hereford, UK

-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jason
Ede
Sent: 10 July 2008 11:15
To: MailScanner discussion
Subject: RE: Watch it: Multiple DNS implementations vulnerable to
cachepoisoning

I've patched some servers and they're showing good, but on one behind a
firewall its still showing as poor despite the update being run... Its
running Centos5.1

Jason


> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- 
> bounces at lists.mailscanner.info] On Behalf Of shuttlebox
> Sent: 10 July 2008 09:42
> To: MailScanner discussion
> Subject: Re: Watch it: Multiple DNS implementations vulnerable to 
> cache poisoning
>
> On Thu, Jul 10, 2008 at 3:54 AM, Ken A <ka at pacific.net> wrote:
> > They are probably not random enough. You can look at them with
> netstat or
> > lsof -i
>
> OK, it's the standard deviation that is key to the result. Unique 
> ports but all in a row for example is of course not good.
>
> I have now patched one server and it shows GOOD with a high std dev.
>
> /peter
> --
> Robert Benchley  - "Drawing on my fine command of the English 
> language, I said nothing."
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!