Plastic l33t
Joined: 24 Mar 2004 Posts: 649
Posted: Sat Aug 28, 2004 4:33 pm Post subject: dnsmasq creates security hole

I am using a router I configured with the home router guide. The problem is that nessus says

Code:
. Vulnerability found on port general/udp :
It is possible to by-pass the rules of the remote firewall
by sending UDP packets with a source port equal to 53.
An attacker may use this flaw to inject UDP packets to the remote
hosts, in spite of the presence of a firewall.
Solution : Review your firewall rules policy
Risk Factor : High
BID : 7436

I am new to iptables. How can I plug this hole?

devon l33t
Joined: 23 Jun 2003 Posts: 943
Posted: Sat Aug 28, 2004 7:00 pm

Where did you run the Nessus scan from? Behind the router/firewall or from the Internet? I don't personally use dnsmasq, but you may want to use the -i option to have dnsmasq only listen on the NIC that connects to your LAN and not to the Internet.
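
An added example, not part of either post or of the home router guide: a common cause of this Nessus finding is a stateless rule that accepts any UDP packet whose source port is 53, and this check scans `iptables-save` output for such rules. The sample ruleset and the interface roles (eth0 = LAN, eth1 = Internet) are constructed assumptions.

```python
import shlex

# Constructed iptables-save output; eth0 = LAN, eth1 = Internet are assumptions.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A INPUT -i eth0 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --sport 53 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -p udp -m multiport --sports 53,123 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --sport 1024:65535 --dport 53 -j REJECT
COMMIT
"""

def value(tok, *flags):
    """Token following the first non-negated occurrence of any flag, else None."""
    for i, t in enumerate(tok[:-1]):
        if t in flags and (i == 0 or tok[i - 1] != "!"):
            return tok[i + 1]
    return None

def covers_dns(spec):
    """True if a port spec (single port, a,b list, or lo:hi range) includes 53."""
    for part in spec.split(","):
        if ":" in part:
            lo, hi = part.split(":")
            if int(lo or 0) <= 53 <= int(hi or 65535):
                return True
        elif part in ("53", "domain"):
            return True
    return False

def stateless_sport53_rules(ruleset):
    """Rules that ACCEPT UDP from source port 53 without requiring tracked state."""
    findings = []
    for line in ruleset.splitlines():
        if not line.startswith("-A "):
            continue  # table names, chain policies, COMMIT
        tok = shlex.split(line)
        sport = value(tok, "--sport", "--source-port", "--sports", "--source-ports")
        state = value(tok, "--state", "--ctstate")
        # Only replies to tracked connections are safe to match on source port.
        tracked = state is not None and set(state.split(",")) <= {"ESTABLISHED", "RELATED"}
        if (value(tok, "-p", "--protocol") in ("udp", "17") and value(tok, "-j") == "ACCEPT"
                and sport and covers_dns(sport) and not tracked):
            findings.append(line)
    return findings

if __name__ == "__main__":
    for rule in stateless_sport53_rules(SAMPLE):
        print("stateless source-port-53 accept:", rule)
```

On a live router, feed the text printed by `iptables-save` to `stateless_sport53_rules`; a flagged rule is typically replaced by one that accepts DNS replies only with `-m state --state ESTABLISHED,RELATED`.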