DNS spoofing vulnerability

Gilles Espinasse g.esp at free.fr
Fri Jul 11 16:24:47 PDT 2008


----- Original Message ----- 
From: "Chris Buxton" <cbuxton at menandmice.com>
To: "Hardened LFS Development List" <hlfs-dev at linuxfromscratch.org>
Sent: Saturday, July 12, 2008 1:11 AM
Subject: DNS spoofing vulnerability


> I assume most of you have heard about the recent BIND/MS DNS updates  
> to somewhat address a new DNS spoofing attack vector discovered by Dan  
> Kaminsky.
> 
> What you may not have heard is that the Unix stub resolver, part of  
> glibc, is also vulnerable.
> 
> Does anyone know if/when glibc will be patched against this? Until it  
> is, you should disable nscd (the stub resolver's caching daemon) if  
> you're using it. (Also disable any other DNS caching routine you have  
> running until the problem is addressed by the vendor - too bad Mac  
> users really can't do this.) This will reduce your exposure, although  
> not as much as using a patched stub resolver would.
> 
dnsmasq-2.43 now has a randomized port (released today).

Gilles


