New ZeroConf Spec

Ian Jackson ian at davenant.greenend.org.uk
Wed Jul 12 17:12:04 BST 2006


Scott James Remnant writes ("Re: New ZeroConf Spec"):
> Not really; even if you use decent filtering, it's still boringly easy
> to forge UDP packets and inject them into the listening application --
> there being no sequence number, etc. in the UDP header.

We were discussing DNS.  DNS packets have a 16-bit id field which must
be replicated in the response.  However, not all implementations set
it randomly (mine doesn't, for example!) so you must protect your
resolver from forged responses.

Ian.
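
A sketch of the resolver-side check this message calls for, added here as an example and not part of the original post or of any resolver mentioned in the thread. It goes slightly beyond the id match by also checking the source address, the QR bit and the echoed question. The function names, the sample address 192.0.2.53 and the exact byte-for-byte question comparison are assumptions of the example.

```python
import secrets
import struct

def encode_qname(name):
    """Encode a host name as DNS labels (length byte + label, ending in 0)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=1):
    """Return (txid, packet) for a recursive query with an unpredictable id."""
    txid = secrets.randbelow(1 << 16)           # CSPRNG, not a counter
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    question = encode_qname(name) + struct.pack("!HH", qtype, 1)  # class IN
    return txid, header + question

def accept_response(query, server, packet, source):
    """Return (ok, reason); server and source are (ip, port) tuples."""
    if source != server:
        return False, "wrong source address or port"
    if len(packet) < 12:
        return False, "truncated header"
    txid, flags, qdcount = struct.unpack("!HHH", packet[:6])
    if txid != struct.unpack("!H", query[:2])[0]:
        return False, "id mismatch"
    if not flags & 0x8000:
        return False, "QR bit clear (not a response)"
    question = query[12:]                       # the query carries exactly one question
    if qdcount != 1 or packet[12:12 + len(question)] != question:
        return False, "question mismatch"
    return True, "ok"

if __name__ == "__main__":
    server = ("192.0.2.53", 53)                 # constructed sample address
    txid, query = build_query("example.org")
    # Constructed reply: same id and question, flags set to a normal response.
    reply = query[:2] + struct.pack("!H", 0x8180) + query[4:]
    forged = struct.pack("!H", txid ^ 1) + reply[2:]   # constructed: wrong id
    print(accept_response(query, server, reply, server))
    print(accept_response(query, server, forged, server))
```

A datagram that fails any check should be dropped while the resolver keeps waiting for the genuine reply until its timeout, rather than treating the mismatch as the answer.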


