[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [DSA 1605-1] DNS vulnerability impact on the libc stub resolver

Quoting Vincent Deffontaines (vincent@gryzor.com):

> And the Linux kernel (Netfilter) implements NAT source port randomization
> since 2.6.21, which can make it a conveninent way to protect your natted
> hosts without any patching.
> See http://software.inl.fr/trac/wiki/contribs/RandomSkype for details.

I believe this works on UDP traffic only starting with 2.6.24.  See:

Reply to: