DNS-OARC.NETのDuane Wessels 氏 が キャッシュサーバの毒入れ脆弱性が簡易にチェックできるサイトを用意してくれている。
djb1.05% dig +short porttest.dns-oarc.net TXT z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "*.*.*.* is GOOD: 26 queries in 3.8 seconds from 26 ports with std dev 19215.34"
unbound1.0% dig +short porttest.dns-oarc.net TXT z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "*.*.*.* is GOOD: 26 queries in 4.5 seconds from 26 ports with std dev 18833.09"
BIND9.3.5% dig +short porttest.dns-oarc.net TXT z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "*.*.*.* is POOR: 26 queries in 3.8 seconds from 1 ports with std dev 0.00"
ちなみに今日はJANOG22の崩壊セッションに登壇予定
Copyright by T.Suzuki
let me take another opportunity to thank dan bernstein for coming up<br>with the idea of UDP source port randomization for DNS transactions.<br>(Paul Vixie)
How was JANOG22の崩壊セッション?
What was JANOG22の崩壊セッション?