Date: Wed, 9 Jul 2008 19:21:03 +0200 From: Robert Buchholz <rbu@...too.org> To: oss-security@...ts.openwall.com Cc: Matthias Geerdsen <vorlon@...too.org> Subject: Re: DNS vulnerability: other relevant software On Wednesday 09 July 2008, Matthias Geerdsen wrote: > - pdnsd : > no info yet Quoting from http://members.home.nl/p.a.rombouts/pdnsd/doc.html : query_port_start=number; ... In case a query start port is given pdnsd uses this port as the first port of a specified port range (see query_port_end) used for queries. pdnsd will try to randomly select a free port from this range as local port for the query. ... The sample configuration file that is shipped does not have this option set, the default value of this is "0". I can't currently test this on a kernel that does not randomize by default, so this domaind supports randomization, and *seems* to have it enabled by default. Robert Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.