Re: BIND update?
- From: Oliver Fromme <olli@xxxxxxxxxxxxxxxxx>
- Date: Wed, 9 Jul 2008 12:54:04 +0200 (CEST)
Andrew Storms wrote:
http://www.isc.org/index.pl?/sw/bind/bind-security.php
I'm just wondering ...
ISC's patches cause source ports to be randomized, thus
making it more difficult to spoof response packets.
But doesn't FreeBSD already randomize source ports by
default? So, do FreeBSD systems require to be patched
at all?
Best regards
Oliver
PS:
$ sysctl net.inet.ip.portrange.randomized
net.inet.ip.portrange.randomized: 1
$ sysctl -d net.inet.ip.portrange.randomized
net.inet.ip.portrange.randomized: Enable random port allocation
--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd
It's trivial to make fun of Microsoft products,
but it takes a real man to make them work,
and a God to make them do anything useful.
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: BIND update?
- From: Mike Tancsa
- Re: BIND update?
- From: Jille Timmmermans
- Re: BIND update?
- References:
- BIND update?
- From: Andrew Storms
- BIND update?
- Prev by Date: Re: OPIE Challenge sequence
- Next by Date: subsribe
- Previous by thread: Re: BIND update?
- Next by thread: Re: BIND update?
- Index(es):
Relevant Pages
|
