|
Message-Id: <200807091921.05537.rbu@gentoo.org>
Date: Wed, 9 Jul 2008 19:21:03 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Cc: Matthias Geerdsen <vorlon@...too.org>
Subject: Re: DNS vulnerability: other relevant software
On Wednesday 09 July 2008, Matthias Geerdsen wrote:
> - pdnsd [4]:
> no info yet
Quoting from http://members.home.nl/p.a.rombouts/pdnsd/doc.html :
query_port_start=number;
...
In case a query start port is given pdnsd uses this port as the first
port of a specified port range (see query_port_end) used for queries.
pdnsd will try to randomly select a free port from this range as local
port for the query.
...
The sample configuration file that is shipped does not have this option
set, the default value of this is "0". I can't currently test this on a
kernel that does not randomize by default, so this domaind supports
randomization, and *seems* to have it enabled by default.
Robert
Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.