sai wrote:
Checkpoint firewalls seem to have a problem in not randomising (or
even de-randomising) DNS request source ports [1].
Do we have a similar problem with pfSense?
No, pf has randomized source ports on all NATed TCP and UDP traffic for
8 years. I was surprised to find out that's the exception rather than
the norm. Cisco, Checkpoint, amongst numerous others apparently do not
randomize source ports on NATed traffic.
The net result of this is if your DNS servers are behind pfSense, you
could very well be protected from all this DNS noise of late even
without patches. For the DNS forwarder running on pfSense itself, see
http://blog.pfsense.org/?p=210