Re: DNS Cache poisoning and pdnsd

2008-07-25 Thread Florian Weimer
* Kapil Hari Paranjape: > According to the following URL Dan Kaminsky's cat's whiskers may already > be out of the bag[*] and source port randomisation may not be enough. Most announcements indicated that source port randomization is only a band-aid, hopefully deployable in the short, and not a l

Re: DNS Cache poisoning and pdnsd

2008-07-23 Thread Kapil Hari Paranjape
Hello, On Wed, 09 Jul 2008, Kapil Hari Paranjape wrote: > The Debian advisory does not mention the status of "pdnsd" w.r.t the > DNS cache poisoning problem. A quick check seems to suggest that > "pdnsd" also randomises the source port while sending out a query. According to the following URL Dan

Re: DNS Cache poisoning and pdnsd

2008-07-09 Thread Florian Weimer
* Pierre Habouzit: > And the code matches the documentation. And yes a new socket is used for each > request if that matters. But it seems to use a weak PRNG (random from libc).

Re: DNS Cache poisoning and pdnsd

2008-07-09 Thread Pierre Habouzit
On Wed, Jul 09, 2008 at 09:44:21AM +, Kapil Hari Paranjape wrote: > Hello, > > The Debian advisory does not mention the status of "pdnsd" w.r.t the > DNS cache poisoning problem. A quick check seems to suggest that > "pdnsd" also randomises the source port while sending out a query. > > Could

DNS Cache poisoning and pdnsd

2008-07-09 Thread Kapil Hari Paranjape
Hello, The Debian advisory does not mention the status of "pdnsd" w.r.t the DNS cache poisoning problem. A quick check seems to suggest that "pdnsd" also randomises the source port while sending out a query. Could the maintainer of "pdnsd" please confirm this? I do not want to file a pointless bu