[Dnsmasq-discuss] Help in DNS amplification attack
@shuToSH Ch@tURveDI
ashutosh.chaturvedi.31 at gmail.com
Thu Jul 16 11:09:56 BST 2015
NO,
i am using router from LAN i am sending query like (nslookup 1and1.com IP
of LAN),
and dnsmasq listening on LAN, and WAN Internet reachable.
i am also not sure this is issue or not.
Thanks,
AS
On Thu, Jul 16, 2015 at 3:23 PM, Albert ARIBAUD <albert.aribaud at free.fr>
wrote:
> Hi AS,
>
> Le Thu, 16 Jul 2015 11:40:42 +0530, "@shuToSH Ch at tURveDI"
> <ashutosh.chaturvedi.31 at gmail.com> a écrit :
>
> > HI,
> >
> > using dnsmasq version 2.70, as mention in CHANGELOG that dns
> amplification
> > attack has been fixed in this version.
> >
> > but when checked this one
> >
> >
> https://help.1and1.com/servers-c37684/parallels-plesk-c37703/troubleshooting-c85156/check-for-the-dns-amplification-attack-vulnerability-a791842.html
> >
> > its not fixed, so anyone can help me this case how to fix this.??
>
> Maybe I'm mistaken, but I think what this page actually tests for is
> whether a given 1and1 hosted machine is an open DNS, not whether it has
> a bug which allows DNS amplicifation.
>
> Indeed being an open DNS makes the machine prone to being used for DNS
> amplification attacks, but:
>
> 1) this test is specifically for 1and1 machines. Is your machine hosted
> by 1and1?
>
> 2) Whether a machine running dnsmasq is an open DNS or not depends on
> *configuration*, not source code -- the fix is a correct configuration
> (of dnsmasq and/or iptables/ip6tables).
>
> > Thanks,
> > AS
>
> Amicalement,
> --
> Albert.
>
--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20150716/de0e9e41/attachment-0001.html>
More information about the Dnsmasq-discuss
mailing list