[169783] in North American Network Operators' Group
Re: new DNS forwarder vulnerability
daemon@ATHENA.MIT.EDU (Gary Baribault)
Sat Mar 15 12:26:30 2014
Date: Sat, 15 Mar 2014 12:26:02 -0400
From: Gary Baribault <gary@baribault.net>
To: nanog@nanog.org
In-Reply-To: <CF48AA21.C8DC8%jason_livingood@cable.comcast.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Why would a CPE have an open DNS resolver from the WAN side?
Gary Baribault
On 03/14/2014 12:45 PM, Livingood, Jason wrote:
> Well, at least all this CPE checks in for security updates every night so
> this should be fixable. Oh wait, no, nevermind, they don't. :-(
>
>
> This is getting to be the vulnerability of the week club for home gateway
> devices - quite concerning.
>
> JL
>
> On 3/14/14, 12:05 PM, "Merike Kaeo" <merike@doubleshotsecurity.com> wrote:
>
>> On Mar 14, 2014, at 7:06 AM, Stephane Bortzmeyer <bortzmeyer@nic.fr>
>> wrote:
>>
>>> On Fri, Mar 14, 2014 at 01:59:27PM +0000,
>>> Nick Hilliard <nick@foobar.org> wrote
>>> a message of 10 lines which said:
>>>
>>>> did you characterise what dns servers / embedded kit were
>>>> vulnerable?
>>> He said "We have not been able to nail this vulnerability down to a
>>> single box or manufacturer" so it seems the answer is No.
>>
>>
>> It is my understanding that many CPEs work off of same reference
>> implementation(s). I haven't
>> had any cycles for this but with all the CPE issues out there it would be
>> interesting to have
>> a matrix of which CPEs utilize which reference implementation. That may
>> start giving some clues.
>>
>> Has someone / is someone doing this?
>>
>> - merike
>>
>
>
