[Dnsmasq-discuss] Question about DNS vunlerabiltiy in dnsmasq
agcme at hotmail.com
Wed Jul 23 00:30:26 BST 2008
> Date: Tue, 22 Jul 2008 18:05:27 +0100
> From: simon at thekelleys.org.uk
> To: agcme at hotmail.com
> CC: dnsmasq-discuss at lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Question about DNS vunlerabiltiy in dnsmasq
> A C wrote:
> > I'm running dnsmasq 2.35 but it's on an embedded system and the package
> > manager hasn't created a new version yet. I wanted to know how
> > vulnerable I was to the recent security alert regarding DNS and whether
> > there's a potential workaround that I could put in place for now.
> "How vulnerable" is a difficult question. AFAIK, the attack hasn't been
> seen in the wild, and it's assumed that the Bad Guys don't know it, so
> you're absolutely safe until Dan Kaminsky spills the beans (August?)
> Does that give you enough time to get a new version in place?
Well, not really. I don't have the ability to generate a package for the embedded system so I'm at the mercy of the package maintainer. I've already mailed them to see if they'll update but it may be a while and I was hoping there was a reasonable workaround that could be implemented in the interim or until I can get a replacement router in place that doesn't require package management.
Use video conversation to talk face-to-face with Windows Live Messenger.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dnsmasq-discuss