oss-sec mailing list archives
DNS vulnerability: other relevant software
From: Matthias Geerdsen <vorlon () gentoo org>
Date: Wed, 09 Jul 2008 14:07:01 +0200
Hi,

looking at some of the DNS related software in our tree, I thought it might be nice to keep track of any findings of affected and unaffected packages...
So here is a start:

- posadis [1]: has not seen an update since Dec 2004; I could not find any info on port randomization etc., but considering the age it might probably have other issues too.
- dnsmasq [2]: no port randomization [3]
- pdnsd [4]: no info yet
- MaraDNS [5]: "MaraDNS uses a strong secure RNG for both the query (16 bits of entropy) and the source port of the query (12 bits of entropy). This makes spoofing replies to a MaraDNS server more difficult, since the attacker has only a one in 250 million chance that a given spoofed reply will be considered valid." [6]
- MyDNS [7]: "MyDNS does not include recursive name service, nor a resolver library." also this thread [8]
- DNRD [9]: "Uses random source port and random query ID's to prevent cache poisoning."
Matthias

[1] <http://posadis.sourceforge.net/>
[2] <http://www.thekelleys.org.uk/dnsmasq/doc>
[3] <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2008q3/002147.html>
[4] <http://www.phys.uu.nl/~rombouts/pdnsd/>
[5] <http://www.maradns.org/>
[6] <http://www.maradns.org/tutorial/man.maradns.html>
[7] <http://mydns.bboy.net/>
[8] <http://sourceforge.net/mailarchive/forum.php?thread_name=714ef0060807081802h4e52a70ak4f52e06c11e2abfe%40mail.gmail.com&forum_name=mydns-users>
[9] <http://dnrd.sourceforge.net/>

--
Matthias Geerdsen (vorlon)
Gentoo Linux Security Team
http://security.gentoo.org