Tom Lane <tgl@xxxxxxxxxx> writes: > The normal configuration for a stub resolver is that it's only pointed > to locally-controlled caching servers; so long as you've fixed those > servers, you should be safe AFAICS. The attacker sends reply packets with the source-address of the locally-controlled caching server. Network firewalls and reverse path-checking can prevent this attack, but you cannot assume that all machines with Fedora are behind routers and firewalls set up to prevent the attack. > If this analysis is not correct, I'd like to be informed by some means > more polite than breaking into my home machines ;-) Don't worry, I won't tell anyone that your root password is 12345. /Benny -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
