Quick DNS performance measurement trick
Chip Marshall
chip at 2bithacker.net
Fri Jul 11 09:17:22 EDT 2008
On July 10, 2008, Jeff Kinz sent me the following:
> It appears that "good" resolvers have lots of ports.
>
> Anyone who wants to take a whack at explaining what this means is very
> welcome!
http://www.kb.cert.org/vuls/id/800113
Basically, if you have a single port or small range of ports that you
generate DNS queries from, it becomes easier to poison your cache with
invalid answers. Since that security announcement, there's been a big
push to deploy updated versions of BIND that use a wider source port
range.
--
Chip Marshall <chip at 2bithacker.net>
http://weblog.2bithacker.net/ PGP key ID 43C4819E
v4sw5PUhw4/5ln5pr5FOPck4ma4u6FLOw5Xm5l5Ui2e4t4/5ARWb7HKOen6a2Xs5IMr2g6CM
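
Added example, not part of the original message: a small Python check that rates the UDP source ports seen on a resolver's outgoing queries (for instance from a packet capture at an authoritative server you run) and estimates how many bits a forged answer would have to match. The function name, the 1024-port "narrow" cut-off and the port lists are assumptions constructed for illustration.

```python
import math

TXID_BITS = 16       # width of the transaction ID field in the DNS header
NARROW_SPAN = 1024   # assumed cut-off for calling a port range "narrow"


def assess_source_ports(ports):
    """Rate the source ports of one resolver's queries, in the order observed."""
    if len(ports) < 2:
        raise ValueError("need at least two observed queries")
    distinct = len(set(ports))
    span = max(ports) - min(ports) + 1
    steps = {b - a for a, b in zip(ports, ports[1:])}
    # One step value means the same port every time or a fixed increment,
    # so the next port can be predicted and adds nothing to the guess space.
    predictable = len(steps) == 1
    port_bits = 0.0 if predictable else math.log2(span)
    if distinct == 1:
        verdict = "fixed"
    elif predictable:
        verdict = "predictable"
    elif span < NARROW_SPAN:
        verdict = "narrow"
    else:
        verdict = "spread"
    return {
        "distinct": distinct,
        "span": span,
        "verdict": verdict,
        # Transaction ID bits plus the estimated contribution of the port.
        "guess_bits": TXID_BITS + port_bits,
    }


# Constructed samples: eight queries each from three hypothetical resolvers.
SAMPLES = {
    "fixed": [53] * 8,
    "counter": list(range(32768, 32776)),
    "spread": [49213, 1088, 60321, 23977, 8190, 41002, 15555, 57340],
}

if __name__ == "__main__":
    for name, ports in SAMPLES.items():
        print(name, assess_source_ports(ports))
```

The span of a short sample only approximates the width of the real port pool, so treat `guess_bits` as a rough figure and collect more queries before drawing conclusions about a resolver.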