Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 9 Jul 2008 19:21:03 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Cc: Matthias Geerdsen <vorlon@...too.org>
Subject: Re: DNS vulnerability: other relevant software

On Wednesday 09 July 2008, Matthias Geerdsen wrote:
> - pdnsd [4]:
> 	no info yet

Quoting from http://members.home.nl/p.a.rombouts/pdnsd/doc.html :

query_port_start=number;
...
In case a query start port is given pdnsd uses this port as the first 
port of a specified port range (see query_port_end) used for queries. 
pdnsd will try to randomly select a free port from this range as local 
port for the query.
...

The sample configuration file that is shipped does not have this option 
set, the default value of this is "0". I can't currently test this on a 
kernel that does not randomize by default, so this domaind supports 
randomization, and *seems* to have it enabled by default.


Robert

Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.