New ZeroConf Spec
Scott James Remnant
scott at ubuntu.com
Wed Jul 12 17:33:59 BST 2006
On Wed, 2006-07-12 at 17:12 +0100, Ian Jackson wrote:
> Scott James Remnant writes ("Re: New ZeroConf Spec"):
> > Not really; even if you use decent filtering, it's still boringly easy
> > to forge UDP packets and inject them into the listening application --
> > there being no sequence number, etc. in the UDP header.
>
> We were discussing DNS. DNS packets have a 16-bit id field which must
> be replicated in the response. However, not all implementations set
> it randomly (mine doesn't, for example!) so you must protect your
> resolver from forged responses.
>
I'm not sure this is also true for Multicast DNS, where updates can be
sent across the network unanticipated.
Scott
--
Scott James Remnant
scott at ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20060712/d7562e68/attachment.pgp
More information about the ubuntu-devel
mailing list