[afnog] Big DNS vulnerability (Here are my findings and Quickest Solution 4 those running BIND on CentOS or Fedora Linux Distros)...
Hari Kurup
kurup at afrinic.net
Sat Jul 26 08:45:57 UTC 2008
On 26/07/2008 10:27, Hari Kurup wrote:-
> On 25/07/2008 00:46, Maina Noah wrote:-
>
>> [superuser at ns1 /]# dig +short @ns1.youdomain.co.tz porttest.dns-oarc.net TXT
>>
>> ;; Warning: ID mismatch: expected ID 32835, got 58254
>> ;; Warning: ID mismatch: expected ID 32835, got 58254
>> ;; Warning: ID mismatch: expected ID 32835, got 58254
>
> Maybe I am wrong but it looks to me that even after you patched your
> bind setup, your outgoing UDP source port numbers are not getting
> randomised?
Correction: the transaction IDs, not port numbers. They too should be
random.
--
Hari
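As an added example (not part of the thread), here is a small script that does the check Hari describes offline: it pulls the expected/got IDs out of `dig`'s "ID mismatch" warnings and grades a sample of observed source ports and transaction IDs for fixed or counter-like behaviour. The samples and the GOOD/POOR thresholds are constructed for illustration, not taken from any real resolver.

```python
"""Check a resolver's outgoing queries for source-port and transaction-ID
randomisation. All sample data below is constructed for this example."""
import re
from typing import List, Sequence, Tuple

ID_MISMATCH = re.compile(r";; Warning: ID mismatch: expected ID (\d+), got (\d+)")


def parse_dig_id_warnings(text: str) -> List[Tuple[int, int]]:
    """Extract (expected, got) transaction-ID pairs from dig's warning lines."""
    return [(int(exp), int(got)) for exp, got in ID_MISMATCH.findall(text)]


def distinct_fraction(values: Sequence[int]) -> float:
    """1.0 means every observed value was different; near 0 means a fixed value."""
    return len(set(values)) / len(values) if values else 0.0


def sequential_fraction(values: Sequence[int]) -> float:
    """Fraction of adjacent pairs differing by exactly 1, i.e. a plain counter."""
    if len(values) < 2:
        return 0.0
    steps = sum(1 for a, b in zip(values, values[1:]) if abs(b - a) == 1)
    return steps / (len(values) - 1)


def assess(ports: Sequence[int], txids: Sequence[int],
           min_distinct: float = 0.9, max_sequential: float = 0.2) -> dict:
    """Grade ports and IDs separately; thresholds are assumed values for the example."""
    report = {}
    for name, sample in (("ports", ports), ("txids", txids)):
        d, s = distinct_fraction(sample), sequential_fraction(sample)
        report[name + "_distinct"] = d
        report[name + "_sequential"] = s
        report[name] = "GOOD" if d >= min_distinct and s <= max_sequential else "POOR"
    return report


# Constructed warning text in the shape dig printed in the quoted post.
DIG_WARNINGS = "\n".join([";; Warning: ID mismatch: expected ID 32835, got 58254"] * 3)

# Constructed samples: an unpatched resolver using a fixed port and an ID counter,
# and a patched one whose ports and IDs are spread across the 16-bit range.
UNPATCHED_PORTS = [53] * 10
UNPATCHED_TXIDS = [32835 + i for i in range(10)]
PATCHED_PORTS = [34271, 51900, 8833, 60217, 41005, 17744, 58254, 2398, 47106, 29561]
PATCHED_TXIDS = [58254, 1033, 44721, 9980, 61234, 27310, 18849, 50002, 3567, 40219]

if __name__ == "__main__":
    print(parse_dig_id_warnings(DIG_WARNINGS))
    print(assess(UNPATCHED_PORTS, UNPATCHED_TXIDS))
    print(assess(PATCHED_PORTS, PATCHED_TXIDS))
```

In practice the port and ID samples would come from a packet capture of the resolver's outbound queries taken after the patch and restart.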