[Dnsmasq-discuss] Help in DNS amplification attack
ashutosh.chaturvedi.31 at gmail.com
Thu Jul 16 11:09:56 BST 2015
i am using router from LAN i am sending query like (nslookup 1and1.com IP
and dnsmasq listening on LAN, and WAN Internet reachable.
i am also not sure this is issue or not.
On Thu, Jul 16, 2015 at 3:23 PM, Albert ARIBAUD <albert.aribaud at free.fr>
> Hi AS,
> Le Thu, 16 Jul 2015 11:40:42 +0530, "@shuToSH Ch at tURveDI"
> <ashutosh.chaturvedi.31 at gmail.com> a écrit :
> > HI,
> > using dnsmasq version 2.70, as mention in CHANGELOG that dns
> > attack has been fixed in this version.
> > but when checked this one
> > its not fixed, so anyone can help me this case how to fix this.??
> Maybe I'm mistaken, but I think what this page actually tests for is
> whether a given 1and1 hosted machine is an open DNS, not whether it has
> a bug which allows DNS amplicifation.
> Indeed being an open DNS makes the machine prone to being used for DNS
> amplification attacks, but:
> 1) this test is specifically for 1and1 machines. Is your machine hosted
> by 1and1?
> 2) Whether a machine running dnsmasq is an open DNS or not depends on
> *configuration*, not source code -- the fix is a correct configuration
> (of dnsmasq and/or iptables/ip6tables).
> > Thanks,
> > AS
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dnsmasq-discuss