[LINK] Does your ISP randomize the DNS source port?
Karl Auer
kauer at biplane.com.au
Tue Jul 29 16:49:00 AEST 2008
On Tue, 2008-07-29 at 16:32 +1000, Jon Seymour wrote:
> > Thanks for the email. With regards to your query, I assure you that
> our DNS server is operating fine with no problems.
>
> Despite the fact that their DNS still uses a fixed source port. What
> part of "randomize your source port" don't they understand, I wonder?
If you are behind a NAT device - and 99% of all home users are - your
NAT is almost certainly derandomising the port numbers used. Only a test
on the open Internet is really valid.
If you don't have access to the open Internet, let me know the DNS
servers and I'll check them for you.
> I will give them a chance to address this properly before I name and
> shame them.
Naming them won't shame them, regardless. At worst it shows they are
mistaken. Never been mistaken?
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au) +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/ +61-428-957160 (mob)
GPG fingerprint: DD23 0DF3 2260 3060 7FEC 5CA8 1AF6 D9E3 CFEE 6B28
Public key at : random.sks.keyserver.penguin.de
More information about the Link
mailing list