[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Assorted arm-buster problems - network configuration

On 7/7/19, andreimpopescu@gmail.com <andreimpopescu@gmail.com> wrote:
> On Sb, 06 iul 19, 15:36:37, Lee wrote:
>> "an accident waiting to happen" was from me and I also gave the rfc
>> for mdns, so that's hardly "nothing of substance to support that
>> view."  If you're having trouble finding the rfc, it's here
>>   https://tools.ietf.org/html/rfc6762
> Care to elaborate though?

While reading about a security issue I came across the line "An
insecure protocol will eventually be exploited." - which sounds right
to me.  And the standard q&a for most security issues involving an
insecure protocol seems to be
q: how do i prevent <bad thing> from happening?
a: by not allowing it in the first place.

Hopefully we're clear about my bias now :)

> The dangers are not at all obvious to me, possibly because I haven't
> used it much (if at all).

Read the first three paragraph of the "Security Considerations" section

Assuming everything on the network is a trusted host is a dangerous
assumption, so paragraph 1 is N/A

Assuming a trusted host won't get hacked is a dangerous assumption, so
paragraph 3 is N/A.

All that's left is paragraph 2 -- and uninstalling whatever software
uses mDNS :)


Reply to: