Hi Everybody, My Linux is OpenSuSE 11.4 with Kernel 2.6.37.6-0.5 which is used for DNS server. I have installed bind-9.7.3P3-0.2.1
Our external auditor used "NeXpose" for scanning my system. It showed "Insufficient DNS Source Port Randomization Vulnerability". Therefore I have followed BIND 9 Configuration Reference Guide, I have adjusted named.conf configuration file as below : query-source address * port * ; query-source-v6 address * port *; use-v4-udp-ports { range 1024 65535; }; use-v6-upd-ports ( range 1024 65535; }; But I am not lucky, The NeXpose software still showed the same vulnerability. Anybody has some issue ? Anybody can help me ? Thanks a lot, Pete Fong _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users