DNS cache poisoning attacks
Barry Margolin
barmar at alum.mit.edu
Tue Aug 26 01:14:19 UTC 2008
In article <g8vk47$16dn$1 at sf1.isc.org>,
"EL MAAYATI Afaf" <afaf at anrt.ma> wrote:
> Hello,
> As recommended, I've upgraded my DNS server to the version BIND
> 9.5.1b1 <http://www.isc.org/sw/bind/view?release=9.5.1b1>. But I
> still have the message indicating that my server is still
> vulnerable.
>
> # dig @192.168.2.3 +short porttest.dns-oarc.net txt
> Porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
> "192.168.2.3 is POOR: 26 queries in 6.4 seconds from 1 ports with std dev 0"
>
> Is there anything that I've missed?

Do you have a hard-coded port in the "query-source" option in
named.conf? Get rid of it.

Are you behind a firewall? Maybe it's mapping everything to the same
port.

--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
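
The following is an added example, not part of the original message and not ISC code: a small Python audit that checks the two causes named in the reply, by looking for a query-source (or query-source-v6) statement pinned to one port and reading the port count out of the porttest answer. The function names and the sample named.conf are constructed for illustration; the TXT string is the one quoted above.

```python
import re

# Constructed sample named.conf (not from the post). Comment markers inside
# quoted strings are not handled; this is a quick audit, not a full parser.
SAMPLE_CONF = """
options {
    directory "/var/named";
    // query-source address * port 1053;
    query-source address * port 53;      # pinned: every query leaves from 53
    query-source-v6 address * port *;    /* wildcard: port chosen per query */
};
"""
# TXT answer quoted in the post above.
SAMPLE_TXT = "192.168.2.3 is POOR: 26 queries in 6.4 seconds from 1 ports with std dev 0"

_COMMENTS = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)
_STATEMENT = re.compile(r"\b(query-source(?:-v6)?)\b([^;{}]*);")
_PORT = re.compile(r"\bport\s+(\S+)")
_PORTTEST = re.compile(r"is (\w+): \d+ queries in [\d.]+ seconds from (\d+) ports")

def fixed_query_source_ports(conf_text):
    """Return [(statement, port)] for each query-source pinned to one port."""
    findings = []
    for name, args in _STATEMENT.findall(_COMMENTS.sub(" ", conf_text)):
        m = _PORT.search(args)
        if m and m.group(1) != "*":
            findings.append((name, int(m.group(1))))
    return findings

def diagnose(porttest_txt, conf_text):
    """Map a porttest answer plus named.conf onto the two causes in the reply."""
    m = _PORTTEST.search(porttest_txt)
    if not m:
        return "unparsed porttest answer"
    rating, ports = m.group(1), int(m.group(2))
    if ports > 1:
        return f"{rating}: {ports} source ports observed"
    pinned = fixed_query_source_ports(conf_text)
    if pinned:
        return "fixed port in named.conf: " + ", ".join(f"{n} port {p}" for n, p in pinned)
    return "no fixed port in named.conf: check for a firewall/NAT rewriting source ports"

if __name__ == "__main__":
    print(diagnose(SAMPLE_TXT, SAMPLE_CONF))
```

After removing a pinned port, restart named and rerun the dig test from the post to confirm the result changes.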