[Dnsmasq-discuss] Help in DNS amplification attack
Albert ARIBAUD
albert.aribaud at free.fr
Thu Jul 16 10:53:27 BST 2015
Hi AS,
On Thu, 16 Jul 2015 11:40:42 +0530, "@shuToSH Ch at tURveDI"
<ashutosh.chaturvedi.31 at gmail.com> wrote:
> Hi,
>
> I am using dnsmasq version 2.70; as mentioned in the CHANGELOG, the DNS
> amplification attack has been fixed in this version.
>
> But when I checked with this one
>
> https://help.1and1.com/servers-c37684/parallels-plesk-c37703/troubleshooting-c85156/check-for-the-dns-amplification-attack-vulnerability-a791842.html
>
> it's not fixed, so can anyone help me with how to fix this in this case?
Maybe I'm mistaken, but I think what this page actually tests for is
whether a given 1and1 hosted machine is an open DNS, not whether it has
a bug which allows DNS amplification.
Indeed being an open DNS makes the machine prone to being used for DNS
amplification attacks, but:
1) this test is specifically for 1and1 machines. Is your machine hosted
by 1and1?
2) Whether a machine running dnsmasq is an open DNS or not depends on
*configuration*, not source code -- the fix is a correct configuration
(of dnsmasq and/or iptables/ip6tables).
> Thanks,
> AS
Kind regards,
--
Albert.
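
Added example, not part of the message above and not taken from the dnsmasq project: a dnsmasq.conf fragment showing the kind of configuration point 2) refers to, with the unrestricted case beside a restricted one. The interface names eth0 (Internet-facing) and eth1 (LAN) are assumptions.

```conf
# dnsmasq.conf (constructed example; eth0/eth1 are assumed interface names)

# --- Unrestricted: behaves as an open resolver if port 53 is reachable ---
# With none of interface=, except-interface=, listen-address= or
# local-service present, dnsmasq answers DNS queries arriving on any
# interface, including the Internet-facing one.

# --- Restricted: answer only on the LAN side ---
# Serve DNS (and DHCP) on the LAN interface only. The loopback interface
# is added automatically when interface= is used.
interface=eth1
# Explicitly refuse the Internet-facing interface.
except-interface=eth0
# Bind only to the addresses of the allowed interfaces instead of the
# wildcard address, so nothing listens on eth0 at all.
bind-interfaces

# --- Alternative for a host with no interface options set ---
# Accept queries only from hosts on a directly attached subnet.
# Has no effect when interface=, except-interface=, listen-address= or
# auth-server is configured, so it is left commented out here.
#local-service
```

After a change like this, querying the machine's public address from an outside host should get no answer, while LAN clients still resolve normally.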