> Dan Kaminsky discovered that properties inherent to the DNS protocol
> lead to practical DNS spoofing and cache poisoning attacks. Among
> other things, successful attacks can lead to misdirected web traffic
> and email rerouting.
> Is polipo's internal resolver impacted?
If you can trust what has been leaked -- no, Polipo is not vulnerable
*to this particular attack*. The attack relies on poisoning the cache
using ``additional data'' records -- and Polipo ignores ``additional data''.
THis doesn't change the fact that Polipo's stub resolver (just like
glibc's stub resolver) is completely insecure, and should only ever be
used with a recursive resolver that is being reached over network
infrastructure that you control.
Regards,
Juliusz
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Polipo-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/polipo-users
