[nsp-sec] List of vulnerable DNS resolvers
Florian Weimer
fweimer at bfk.de
Wed Jul 23 11:58:59 EDT 2008
* Niels Provos:
> On Wed, Jul 23, 2008 at 12:54 AM, Florian Weimer <fweimer at bfk.de> wrote:
>> How many probes per resolver were used in this survey?
>
> At least ten.
Okay, this means that there is some chance that your list includes
resolvers that use an interval of 1024 different source ports. I
wouldn't consider them vulnerable (and in many cases, their operators
have actually applied a vendor patch and are probably confused why
they receive a notification that says something else).
Anyway, thanks for the effort. I just wanted to share this caveat.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the nsp-security
mailing list