Not sure if my DNS is vulnerable?

John Smith n6s7a6 at gmail.com
Wed Aug 13 13:15:01 UTC 2008


So I have a caching only DNS server that is behind a firewall and has no
incoming connections allowed unless specifically requested from inside. My
DNS server does contact the root DNS servers upstream. But again incoming
connections are only allowed into my DNS server unless they originated from
the inside.
As far as I understand, the problem with the recent DNS issues is that someone
on the outside of my firewall (I am ignoring an attack from the inside)
would have to send my DNS server (which they cannot) some DNS requests in
order to get a reply for them to attack?
Am I right? So since I do not have external access to port 53 I am
relatively safe?

Since my DNS is not randomizing ports but is randomizing transaction IDs?

Just curious.
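As an added example (not from the original post and not BIND's own code), a check a defender can run over a capture of the resolver's own outbound queries to see whether the UDP source port and the DNS transaction ID actually vary from query to query; the (port, txid) records here are constructed, and the thresholds are assumptions.

```python
"""Classify a resolver's outbound query source ports and transaction IDs as
fixed, weak or varied.  Input is a list of (source_port, txid) pairs such as
one would tabulate from a capture of the resolver's upstream traffic.
Hypothetical helper with constructed samples, not BIND's own code."""
import random
from collections import Counter


def describe(values):
    """Distinct-value count and the share held by the most common value."""
    counts = Counter(values)
    top_share = counts.most_common(1)[0][1] / len(values)
    return len(counts), top_share


def assess(records, min_distinct=16, max_top_share=0.25):
    """Verdict per field: 'fixed' when one value is reused for every query,
    'weak' when few distinct values occur or one value dominates (assumed
    thresholds), otherwise 'varied'."""
    verdict = {}
    for name, column in (("port", 0), ("txid", 1)):
        distinct, top_share = describe([r[column] for r in records])
        if distinct == 1:
            verdict[name] = "fixed"
        elif distinct < min_distinct or top_share > max_top_share:
            verdict[name] = "weak"
        else:
            verdict[name] = "varied"
    return verdict


def sample(n, fixed_port=None, seed=1):
    """Constructed sample of n outbound queries.  fixed_port=None gives a
    fresh ephemeral port per query; otherwise every query reuses that port.
    TXIDs are always drawn from the full 16-bit space."""
    rng = random.Random(seed)
    out = []
    for _ in range(n):
        port = fixed_port if fixed_port is not None else rng.randrange(1024, 65536)
        out.append((port, rng.randrange(65536)))
    return out


if __name__ == "__main__":
    # A resolver that keeps one source port but randomizes TXIDs, as in the post
    print(assess(sample(200, fixed_port=32768)))
    # A resolver that randomizes both the source port and the TXID
    print(assess(sample(200)))
```

To use it on a real resolver, capture its outbound port-53 UDP traffic and feed the (source port, transaction ID) pairs to `assess` in place of `sample`.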

More information about the bind-users mailing list