Re: Actual BIND error - Patching OpenBSD 4.3 named ? | KernelTrap

Re: Actual BIND error - Patching OpenBSD 4.3 named ?

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Stuart Henderson <stu@...>

To: <misc@...>

Subject: Re: Actual BIND error - Patching OpenBSD 4.3 named ?

Date: Thursday, July 10, 2008 - 10:28 am

On 2008-07-09, mark reardon wrote:

quoted text

> doxpara.com reports no issues with unbound FWIW.

right, unbound already randomises the source port (arc4random
from guess where) and also the source address if you list more
than one (assign aliases to the interfaces, and list all of
the IP address in "outgoing-interface" lines in config).

http://nlnetlabs.nl/publications/DNS_cache_poisoning_vulnerability.html

they have their own methods to avoid stomping on ports used
by other UDP services, but since they don't have control over
the rest of the OS, it's a bunch of config parameters, not
quite as elegant as using net.inet.udp.baddynamic populated
from /etc/services entries (see recent commits in source-
changes or in odc on www.squish.net/openbsd/)

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: Actual BIND error - Patching OpenBSD 4.3 named ?, Stuart Henderson, (Thu Jul 10, 10:28 am)

Navigation

Popular discussions


linux-kernel:
Jeremy Allison	Re: [RFC] Heads up on sys_fallocate()
Greg KH	[GIT PATCH] driver core patches against 2.6.24
Joerg Roedel	[PATCH 03/34] AMD IOMMU: add defines and structures for ACPI scanning code
Eric W. Biederman	[PATCH] powerpc pseries eeh: Convert to kthread API
linux-netdev:

David Miller	[GIT]: Networking
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Natalie Protasevich	[BUG] New Kernel Bugs
git:

openbsd-misc:

Colocation donated by:

Who's online

There are currently 2 users and 789 guests online.

Online users

Syndicate