[nsp-sec] List of vulnerable DNS resolvers
Niels Provos
niels at google.com
Wed Jul 23 10:53:32 EDT 2008
On Wed, Jul 23, 2008 at 12:54 AM, Florian Weimer <fweimer at bfk.de> wrote:
> How many probes per resolver were used in this survey?
At least ten.
> Your test yields false positives for resolvers which use a contiguous
> range of source ports, even if it could be deemed sufficiently large.
> In other words, I believe _MIN_STDDEV is too large.
It's difficult to set a threshold. I am hoping the tool provides
enough information so that people can eyeball what is safe enough for
them. It provides information in addition to just standard deviation
such as repeating ports, etc. I received some requests to make the
tool more user friendly and will try to address your concern, too.
Niels.
More information about the nsp-security
mailing list