> Date: Tue, 22 Jul 2008 18:05:27 +0100
> From: si...@thekelleys.org.uk
> To: ag...@hotmail.com
> CC: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Question about DNS vunlerabiltiy in dnsmasq
>
> A C wrote:
> > I'm running dnsmasq 2.35 but it's on an embedded system and the package
> > manager hasn't created a new version yet. I wanted to know how
> > vulnerable I was to the recent security alert regarding DNS and whether
> > there's a potential workaround that I could put in place for now.
> >
>
> "How vulnerable" is a difficult question. AFAIK, the attack hasn't been
> seen in the wild, and it's assumed that the Bad Guys don't know it, so
> you're absolutely safe until Dan Kaminsky spills the beans (August?)
>
> Does that give you enough time to get a new version in place?
>
> Simon.
Well, not really. I don't have the ability to generate a package for the
embedded system so I'm at the mercy of the package maintainer. I've already
mailed them to see if they'll update but it may be a while and I was hoping
there was a reasonable workaround that could be implemented in the interim or
until I can get a replacement router in place that doesn't require package
management.
_________________________________________________________________
Use video conversation to talk face-to-face with Windows Live Messenger.
http://www.windowslive.com/messenger/connect_your_way.html?ocid=TXT_TAGLM_WL_Refresh_messenger_video_072008