Hi all,
For anyone running fwknop on a system with a version of glibc that is
vulnerable to the "GHOST" gethostbyname() attack[1], you don't have to
worry about fwknop being an exploit vector. This is because fwknop /
fwknopd do not use gethostbyname(). The client uses getaddrinfo() which
replaces the legacy gethostbyname() functions, and the fwknopd daemon does
not issue DNS requests at all.
[1] http://www.openwall.com/lists/oss-security/2015/01/27/9
Thanks,
--Mike
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Fwknop-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
