djbdns has always had source port randomization which is the technique used to alleviate the current problem. Few other DNS implementations used source port randomization, but those that did were also not vulnerable to this attack. Or perhaps not *as* vulnerable is a better way to put it. After the big patch last month, all of the major DNS implementations have roughly the same level of vulnerability to this attack. jake
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds