DNS cache poisoning attacks - DNS

This is a discussion on DNS cache poisoning attacks - DNS ; Hello, As recommended, I've upgraded my DNS server to the version BIND 9.5.1b1 . But I still have the message indicating that my server is still vulnerable # dig @192.168.2.3 +short porttest.dns-oarc.net txt Porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e .d.c.b.a.pt.dns-oarc.net. "192.168.2.3 is POOR: 26 queries ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: DNS cache poisoning attacks

  1. DNS cache poisoning attacks

    Hello,
    As recommended, I've upgraded my DNS server to the version BIND 9.5.1b1 . But I still have the message indicating that my server is still vulnerable

    # dig @192.168.2.3 +short porttest.dns-oarc.net txt
    Porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e .d.c.b.a.pt.dns-oarc.net.
    "192.168.2.3 is POOR: 26 queries in 6.4 seconds from 1 ports with std dev 0"

    Is there anything that I've missed?


    Best Regards,


  2. Re: DNS cache poisoning attacks

    In article ,
    "EL MAAYATI Afaf" wrote:

    > Hello,
    > As recommended, I've upgraded my DNS server to the version BIND
    > 9.5.1b1 . But I
    > still have the message indicating that my server is still
    > vulnerable
    >
    > # dig @192.168.2.3 +short porttest.dns-oarc.net txt
    > Porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e .d.c.b.a.pt.dns-oarc.net.
    > "192.168.2.3 is POOR: 26 queries in 6.4 seconds from 1 ports with std dev 0"
    >
    > Is there anything that I've missed?


    Do you have a hard-coded port in the "query-source" option in
    named.conf? Get rid of it.

    Are you behind a firewall? Maybe it's mapping everything to the same
    port.

    --
    Barry Margolin, barmar@alum.mit.edu
    Arlington, MA
    *** PLEASE don't copy me on replies, I'll read them in the group ***


+ Reply to Thread