Date: Wed, 09 Jul 2008 14:07:01 +0200
From: Matthias Geerdsen <vorlon@...too.org>
To: oss-security@...ts.openwall.com
Subject: DNS vulnerability: other relevant software

Hi,

looking at some of the DNS related software in our tree, I thought it might be nice to keep track of any findings of affected and unaffected packages...

So here is a start:

- posadis : has not seen an update since dec 2004; I could not find any info on port randomization etc., but considering the age it might probably have other issues too.
- dnsmasq : no port randomization
- pdnsd : no info yet
- MaraDNS : "MaraDNS uses a strong secure RNG for both the query (16 bits of entropy) and the source port of the query (12 bits of entropy). This makes spoofing replies to a MaraDNS server more difficult, since the attacker has only a one in 250 million chance that a given spoofed reply will be considered valid."
- MyDNS : "MyDNS does not include recursive name service, nor a resolver library." also this thread
- DNRD : "Uses random source port and random query ID's to prevent cache poisoning."

Matthias

<http://posadis.sourceforge.net/>
<http://www.thekelleys.org.uk/dnsmasq/doc>
<http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2008q3/002147.html>
<http://www.phys.uu.nl/~rombouts/pdnsd/>
<http://www.maradns.org/>
<http://www.maradns.org/tutorial/man.maradns.html>
<http://mydns.bboy.net/>
<http://sourceforge.net/mailarchive/forum.php?thread_name=714ef0060807081802h4e52a70ak4f52e06c11e2abfe%40mail.gmail.com&forum_name=mydns-users>
<http://dnrd.sourceforge.net/>

--
Matthias Geerdsen (vorlon)
Gentoo Linux Security Team
http://security.gentoo.org
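An added example, not part of the original message: one way to audit a resolver from a packet capture is to classify the source ports of its outgoing queries and work out the resulting guess space, as in the MaraDNS figures quoted above. The function names, the step threshold of 16 and the sample port lists are assumptions constructed for illustration.

```python
import math
from collections import Counter

TXID_BITS = 16        # width of the DNS query ID field
SEQUENTIAL_STEP = 16  # assumed threshold: port steps this small count as "counting up"

def port_entropy_bits(ports):
    """Shannon entropy (bits) of the observed source ports.
    A sample of n queries can show at most log2(n) bits, so capture many."""
    n = len(ports)
    return -sum(c / n * math.log2(c / n) for c in Counter(ports).values())

def classify_ports(ports):
    """Label outgoing-query source ports as 'fixed', 'sequential' or 'randomized'."""
    if len(ports) < 2:
        raise ValueError("need at least two observed queries")
    if len(set(ports)) == 1:
        return "fixed"
    # Difference between consecutive ports, wrapping at the 16-bit port range.
    deltas = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    small = sum(1 for d in deltas if 0 < d <= SEQUENTIAL_STEP)
    return "sequential" if small >= 0.9 * len(deltas) else "randomized"

def guess_space(port_bits, txid_bits=TXID_BITS):
    """Number of (source port, query ID) combinations a spoofed reply must match."""
    return 2 ** (port_bits + txid_bits)

# Constructed sample captures: source ports of eight consecutive outgoing queries.
FIXED = [32768] * 8
SEQUENTIAL = [1025, 1026, 1027, 1028, 1029, 1030, 1031, 1032]
RANDOMIZED = [40213, 1187, 58002, 23344, 9071, 61555, 30418, 47790]

if __name__ == "__main__":
    for name, ports in [("fixed", FIXED), ("sequential", SEQUENTIAL),
                        ("randomized", RANDOMIZED)]:
        print(name, classify_ports(ports), round(port_entropy_bits(ports), 2))
    # 16-bit ID only (no port randomization) versus 16-bit ID plus 12-bit port.
    print(guess_space(0), guess_space(12))
```

With 12 bits of port entropy the guess space is 2^28, which is the roughly "one in 250 million" chance in the MaraDNS quote; with a fixed port only the 16-bit query ID remains.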