New ZeroConf Spec
wasabi at larvalstage.net
Mon Jul 17 00:05:08 BST 2006
Any result can sneak in. There is no security involved. Anybody on the
local broadcast subnet can introduce fake or invalid results into
The question is simply "is this a problem"?
On Thu, 2006-07-13 at 17:09 -0700, Dan Kegel wrote:
> On 7/13/06, Patrick McFarland <diablod3 at gmail.com> wrote:
> > mDNS on most machines is not a security hazard. If you're worried about
> > various daemons and programs having security flaws, then audit them. If
> > you're just paranoid about other computers maliciously hacking you, then
> > build a firewall app that has a prominent feature: "Click here to disable
> > mDNS."
> Is the risk of malicious users injecting bad mDNS results really
> no higher than the same threat from normal DNS?
> The normal DNS port is only listened to briefly when a query is
> outstanding, but mDNS is listened to continuously (when used in
> maximum convenience mode, anyway).
> That sounds like a bigger window for bad results to sneak in.
More information about the ubuntu-devel