Am 15.03.2013 10:57, schrieb Ed Greshko: > On 03/15/13 17:46, Ed Greshko wrote: >> Is the destination IP address a single IP address or are there others. >> >> Is your system running a DNS server? If you are running one, is it supposed >> to be servicing requests from the Internet? If it is supposed to be taking >> requests from the Internet, have you made sure to configure such that >> recursion is disabled. > > Never mind.... > > In re-reading the original message I see the "source port" is 35442. I'm > pretty sure recursion from a DNS server would show 53 as the source port.
pretty sure only if your DNS is very outdated http://unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html http://en.wikipedia.org/wiki/DNS_spoofing As stated above, source port randomization for DNS requests, combined with the use of cryptographically-secure random numbers for selecting both the source port and the 16-bit cryptographic nonce, can greatly reduce the probability of successful DNS race attacks.
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
