Quoting Stephen Vaughan ([EMAIL PROTECTED]): > Does anyone know if TinyDNS is vulnerable to the dns cache poisoning > exploit?
The Kaminsky-publicised attack method applies _only_ to caching recursive-resolver nameservers: tinydns is an authoritative-only DNS daemon, not a recursive resolver. (DJB's caching recursive-resolver module is dnscache, which was protected by his far-sighted decision to randomise source ports -- which has of course been vindicated by recent news.) Notes on Linux-relevant nameservers in my bestiary of same might be useful to you: "DNS Servers" on http://linuxmafia.com/kb/Network_Other/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
