> You're right, none of the BIND server stuff relates to you - I think > AT&T should be able to upgrade their servers in time, if they haven't > already. We're only discussing it because you brought it up. > Actually it was you who brought it up with that "Chicken Little" routine:)
> If you want to check on AT&T's progress, execute this command > [assuming you have dig installed]: > > dig +short porttest.dns-oarc.net TXT That just shows the level of source port randomness for a given resolver. Poor randomness in itself does not constitute a vulnerability but it is a prerequisite for Kaminsky's sploit, and others to work. People have been attacking DNS successfully since it was introduced. DNS attacks don't target single individuals but instead attack the trusted DNS infrastructure to misdirect the end users. This means only the big players are the logical targets anyway, not HLFS users. Marty B. -- Electile Dysfunction : the inability to become aroused over any of the choices for President put forth by either party in the 2008 election.
signature.asc
Description: OpenPGP digital signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
