New ZeroConf Spec
Dan Kegel
dank at kegel.com
Fri Jul 14 01:09:27 BST 2006
On 7/13/06, Patrick McFarland <diablod3 at gmail.com> wrote:
> mDNS on most machines is not a security hazard. If you're worried about
> various daemons and programs having security flaws, then audit them. If
> you're just paranoid about other computers maliciously hacking you, then
> build a firewall app that has a prominent feature: "Click here to disable
> mDNS."
Is the risk of malicious users injecting bad mDNS results really
no higher than the same threat from normal DNS?
The normal DNS port is only listened to briefly when a query is
outstanding, but mDNS is listened to continuously (when used in
maximum convenience mode, anyway).
That sounds like a bigger window for bad results to sneak in.
More information about the ubuntu-devel
mailing list