Am 15.03.2013 10:57, schrieb Ed Greshko: > On 03/15/13 17:46, Ed Greshko wrote: >> Is the destination IP address a single IP address or are there others. >> >> Is your system running a DNS server? If you are running one, is it supposed to be servicing requests from the Internet? If it is supposed to be taking requests from the Internet, have you made sure to configure such that recursion is disabled. > > Never mind.... > > In re-reading the original message I see the "source port" is 35442. I'm pretty sure recursion from a DNS server would show 53 as the source port. pretty sure only if your DNS is very outdated http://unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html http://en.wikipedia.org/wiki/DNS_spoofing As stated above, source port randomization for DNS requests, combined with the use of cryptographically-secure random numbers for selecting both the source port and the 16-bit cryptographic nonce, can greatly reduce the probability of successful DNS race attacks.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
