On Lu, 08 iul 19, 13:37:26, Lee wrote: > On 7/7/19, andreimpopescu@gmail.com <andreimpopescu@gmail.com> wrote: > > > The dangers are not at all obvious to me, possibly because I haven't > > used it much (if at all). > > Read the first three paragraph of the "Security Considerations" section > https://tools.ietf.org/html/rfc6762#section-21 > > Assuming everything on the network is a trusted host is a dangerous > assumption, so paragraph 1 is N/A > > Assuming a trusted host won't get hacked is a dangerous assumption, so > paragraph 3 is N/A. > > All that's left is paragraph 2 -- and uninstalling whatever software > uses mDNS :) Security is not a black/white thing, it's more like a balancing act. In my opinion mDNS/zeroconf can make perfect sense in some environments and be a complete no-go in others. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser
Attachment:
signature.asc
Description: PGP signature