On 7/25/07, Allen <[EMAIL PROTECTED]> wrote:
> Richard Storm wrote:
> > Is openbsd bind vulnerable to attacks on bind's PRNG described here:
> > http://www.securiteam.com/securitynews/5VP0L0UM0A.html
>
> A glance at the README.OpenBSD file for 4.1 in /usr/src/usr.sbin/bind
> shows (among other things):
>
> - add LCG (Linear Congruential Generator) implementation to libisc
> - use LCG instead of LFSR for ID generation until LFSR is proven reliable
> - strlcpy/strlcat/snprintf fixes
>
> Without digging into things deeper, it looks like this is unlikely to
> be an issue since the OBSD version doesn't rely on LFSR.

One would think that with 16 bits for the query ID and 16 bits for the
source port on DNS requests that the source port would be considered as
important in terms of cache poisoning / response spoofing resiliency.
named(8) uses a static source port for every query from the time of
server startup; is there a good reason the authors don't pass source
port allocation off to the OS where it can be randomized?

DS
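
The static-source-port concern raised in this message can be checked from a capture of a resolver's outbound queries. The Python sketch below is an added example, not part of the original thread and not BIND or OpenBSD code; the function names and the sample (port, ID) pairs are constructed for illustration, and the 16/32-bit figures follow the message's own 16+16-bit framing.

```python
import math
from collections import Counter

def entropy_bits(values):
    """Shannon entropy, in bits, of the observed values (0.0 if all equal)."""
    total = len(values)
    counts = Counter(values)
    h = -sum((c / total) * math.log2(c / total) for c in counts.values())
    return max(0.0, h)  # avoid returning -0.0

def assess_resolver(queries):
    """queries: (source_port, query_id) pairs seen in one resolver's outbound DNS queries.

    Sample entropy cannot exceed log2(len(queries)), so feed it a large capture.
    """
    if not queries:
        raise ValueError("no queries observed")
    ports = [port for port, _ in queries]
    ids = [qid for _, qid in queries]
    static_port = len(set(ports)) == 1
    return {
        "static_port": static_port,
        "distinct_ports": len(set(ports)),
        "port_entropy_bits": entropy_bits(ports),
        "id_entropy_bits": entropy_bits(ids),
        # Nominal bits an off-path spoofer must guess per forged response:
        # the 16-bit ID alone when the port never changes, ID plus port otherwise.
        "nominal_guess_bits": 16 if static_port else 32,
    }

# Constructed samples (hypothetical values, not taken from any real server).
STATIC_SAMPLE = [(53124, 0x1A2B), (53124, 0x77C0), (53124, 0x0042), (53124, 0xFEED)]
VARYING_SAMPLE = [(40001, 0x1A2B), (51234, 0x77C0), (33333, 0x0042), (60000, 0xFEED)]

if __name__ == "__main__":
    for name, sample in (("static", STATIC_SAMPLE), ("varying", VARYING_SAMPLE)):
        print(name, assess_resolver(sample))
```

A resolver that reports static_port as True is relying on the query ID generator alone, which is why the quality of that generator matters so much in the quoted exchange.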