Watch it: Multiple DNS implementations vulnerable to cache poisoning

Peter Farrow peter at farrows.org
Thu Jul 10 13:06:55 IST 2008


If you're running a public DNS server or a DNS server for your LAN 
clients then these lines are an extremely good idea...

P.


Randal, Phil wrote:
> Have you made sure that in named.conf there are no
>
>   query-source    port 53;	
>   query-source-v6 port 53;
>
> lines?
>
> Cheers,
>
> Phil
>
> --
> Phil Randal
> Networks Engineer
> Herefordshire Council
> Hereford, UK
>
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jason
> Ede
> Sent: 10 July 2008 11:15
> To: MailScanner discussion
> Subject: RE: Watch it: Multiple DNS implementations vulnerable to
> cache poisoning
>
> I've patched some servers and they're showing good, but on one behind a
> firewall it's still showing as poor despite the update being run... It's
> running Centos5.1
>
> Jason
>
>
>   
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info
>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of shuttlebox
>> Sent: 10 July 2008 09:42
>> To: MailScanner discussion
>> Subject: Re: Watch it: Multiple DNS implementations vulnerable to 
>> cache poisoning
>>
>> On Thu, Jul 10, 2008 at 3:54 AM, Ken A <ka at pacific.net> wrote:
>>> They are probably not random enough. You can look at them with
>>> netstat or lsof -i
>>
>> OK, it's the standard deviation that is key to the result. Unique
>> ports but all in a row for example is of course not good.
>>
>> I have now patched one server and it shows GOOD with a high std dev.
>>
>> /peter
>> --
>> Robert Benchley  - "Drawing on my fine command of the English 
>> language, I said nothing."
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>>     
>   
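
Added example, not part of the original thread and not BIND's or the test tool's own code: a Python check for the two things discussed above, namely `query-source` / `query-source-v6` statements in named.conf that name a numeric port (which fixes the source port of outgoing queries), and the unique-count versus standard-deviation comparison for observed source ports. The sample configuration, the port lists and the function names are constructed for illustration.

```python
import re
import statistics

# Constructed sample named.conf for this example, not from a real server.
SAMPLE_CONF = """
options {
    directory "/var/named";
    // query-source port 1053;    (commented out: must be ignored)
    query-source address * port 53;
    query-source-v6 port 53;
    /* query-source port 5353; */
    listen-on port 53 { any; };
};
"""
# Constructed source-port samples: sequential vs. widely scattered.
SEQUENTIAL = list(range(32768, 32778))
SCATTERED = [1234, 40211, 58012, 20133, 61000, 9876, 33333, 47001, 15002, 52525]

# Simplification: comment markers inside quoted strings are not handled.
COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)
STMT_RE = re.compile(r"\b(query-source(?:-v6)?)\b([^;{}]*);")
PORT_RE = re.compile(r"\bport\s+(\d+)\b")


def fixed_query_ports(conf_text):
    """Return (statement, port) for each query-source line that pins a port."""
    text = COMMENT_RE.sub(" ", conf_text)
    pinned = []
    for name, args in STMT_RE.findall(text):
        match = PORT_RE.search(args)
        if match:  # "port *" or no port clause leaves the port unpinned
            pinned.append((name, int(match.group(1))))
    return pinned


def port_spread(ports):
    """Return (unique port count, population std dev) for observed ports."""
    return len(set(ports)), statistics.pstdev(ports)


if __name__ == "__main__":
    for name, port in fixed_query_ports(SAMPLE_CONF):
        print(f"{name} pins outgoing queries to port {port}")
    for label, sample in (("sequential", SEQUENTIAL), ("scattered", SCATTERED)):
        unique, dev = port_spread(sample)
        print(f"{label}: {unique} unique ports, std dev {dev:.1f}")
```

Both constructed samples contain ten unique ports; only the standard deviation separates the sequential run from the scattered one.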
