LWN.net Logo

Advertisement

TrustCommerce

E-Commerce & credit card processing - the Open Source way!

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for July 2, 2009

RealtimeKit and the audio problem

VFAT patent avoidance and patent workarounds

LWN.net Weekly Edition for June 25, 2009

Apache attacked by a "slow loris"

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Details of the DNS flaw revealed

Details of the DNS flaw revealed

Posted Aug 13, 2008 18:31 UTC (Wed) by njs (subscriber, #40338)
In reply to: Details of the DNS flaw revealed by smoogen
Parent article: Details of the DNS flaw revealed 

djbdns doesn't do anything magic, and the first good answer still wins; it's just that the
patch everyone else had to apply -- to enable source port randomization, which makes it harder
for an attacker to provide a "good answer" -- was already built-in to djbdns.  Now that
everyone's had to patch, djbdns is just as resistant (or not, see the end of the article) as
everyone else.

(Log in to post comments)

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds