New ZeroConf Spec

Dick Davies rasputnik at
Fri Jul 14 10:18:25 BST 2006

On 14/07/06, Dan Kegel <dank at> wrote:

> Is the risk of malicious users injecting bad mDNS results really
> no higher than the same threat from normal DNS?
> The normal DNS port is only listened to briefly when a query is
> outstanding, but mDNS is listened to continuously (when used in
> maximum convenience mode, anyway).

mDNS caching works very differently to normal DNS caching. Since
the traffic is multicast, there are plenty of opportunities to 'learn' new
names from overhearing other hosts communicating. Similarly, it's not
uncommon to provide answers in DNS requests.

There are security enhancements in the protocol to prevent this being a
Really Bad Idea.

If you're interested I *highly* recommend the O'Reilly
zeroconf book. Or at least the RFCs :)

Rasputin :: Jack of All Trades - Master of Nuns
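
As an added illustration of the reply above (not code from the post or from any mDNS implementation): a passive listener that parses multicast DNS packets, learns records from overheard responses, and separately reports answer records carried inside queries. The packets are constructed samples, and `observe` with its cache-responses-only policy is an assumption of this example.

```python
import struct

def read_name(buf, off):
    """Decode a DNS name at off; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while True:
        n = buf[off]
        if (n & 0xC0) == 0xC0:                 # compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | buf[off + 1]
            hops += 1
            if hops > 16:                      # guard against pointer loops
                raise ValueError("compression loop")
        elif n == 0:
            return ".".join(labels), (off + 1 if end is None else end)
        else:
            labels.append(buf[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n

def parse(buf):
    """Return (is_response, [(name, rtype, cache_flush, ttl), ...])."""
    _id, flags, qd, an, _ns, _ar = struct.unpack_from("!6H", buf, 0)
    off, answers = 12, []
    for _ in range(qd):                        # skip the question section
        _, off = read_name(buf, off)
        off += 4                               # qtype + qclass
    for _ in range(an):
        name, off = read_name(buf, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", buf, off)
        off += 10 + rdlen
        answers.append((name, rtype, bool(rclass & 0x8000), ttl))
    return bool(flags & 0x8000), answers

def observe(cache, buf):
    """Example policy (an assumption): cache response records only."""
    is_response, answers = parse(buf)
    if is_response:
        for name, rtype, _flush, ttl in answers:
            cache[(name, rtype)] = ttl
        return []
    return [name for name, _t, _f, _ttl in answers]   # answers seen inside a query

def rr(raw_name, rclass, ttl):                 # A record, documentation address
    return raw_name + struct.pack("!HHIH", 1, rclass, ttl, 4) + bytes([192, 0, 2, 10])

# Constructed sample packets (not captured traffic).
RESPONSE = struct.pack("!6H", 0, 0x8400, 0, 1, 0, 0) + rr(b"\x07printer\x05local\x00", 0x8001, 120)
QUERY = (struct.pack("!6H", 0, 0, 1, 1, 0, 0) + b"\x03nas\x05local\x00"
         + struct.pack("!HH", 1, 1) + rr(b"\xc0\x0c", 1, 60))
```
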

More information about the ubuntu-devel mailing list