[LINK] Does your ISP randomize the DNS source port?
Jon Seymour
jon.seymour at gmail.com
Tue Jul 29 16:32:42 AEST 2008
Having stumbled across this vulnerability:
http://www.kb.cert.org/vuls/id/800113
and this test:
http://www.doxpara.com/
and finding that my ISP's DNS doesn't use randomised source ports, I
sent an e-mail to my ISP asking what plans they had to address the
problem.
This is the response I got:
> Thanks for the email. With regards to your query, I assure you that
our DNS server is operating fine with no problems.
Despite the fact that their DNS still uses a fixed source port. What
part of "randomize your source port" don't they understand, I wonder?
I will give them a chance to address this properly before I name and shame them.
jon seymour.
More information about the Link
mailing list