|
||||||||
Hello, in light of the recent CERT advisory about more DNS cache poisoning vulnerabilities in all DNS server software (discovered by Dan Kaminsky), the author of Dnsmasq has released version 2.43rc3 of his DNS forwarder software, which is used in m0n0wall (even though at this point he believes that Dnsmasq isn't affected, as it doesn't do recursive name resolution). This version now includes the recommended query source port randomization. He'd be grateful if this Dnsmasq version got as much testing as possible, as there's some time pressure to release a fixed final version. I have therefore (and also because of the "Register DHCP leases in DNS forwarder" mishap in 1.3b12) created a preliminary 1.3b13 version for the slightly more adventurous among you to test. http://m0n0.ch/wall/downloads-local/cdrom-1.3b13-pre.iso http://m0n0.ch/wall/downloads-local/generic-pc-1.3b13-pre.img http://m0n0.ch/wall/downloads-local/net45xx-1.3b13-pre.img http://m0n0.ch/wall/downloads-local/net48xx-1.3b13-pre.img http://m0n0.ch/wall/downloads-local/wrap-1.3b13-pre.img Any problems with the DNS forwarder in this release -> please post to the mailing list. Thanks! Changes since 1.3b12: - updated Dnsmasq to 2.43rc3 (DNS query source port randomization) - fixed "Register DHCP leases in DNS forwarder" feature - fixed issue with PPTP VPN and traffic shaper (see http://forum.m0n0.ch/index.php/topic,1905.0/) - support for IPv6 over PPPoE/PPPTP Good night(/morning/afternoon/whatever), Manuel |