zeroconf and security
Harald Hoyer
harald at redhat.com
Tue Aug 24 13:23:18 UTC 2004
Colin Walters wrote:
> On Tue, 2004-08-24 at 12:54 +0200, Harald Hoyer wrote:
>
>>With all those DHCP and DNS magic, the question comes up, if there is any security check involved?
>>Will the user be asked, if he accepts the configuration from DHCP server x which gives additional DNS server y, which pulls in several configurations?
>>
>>Without security checks I could redirect a users desktop easily to my linux laptop,
>>which maybe answers a DHCP request faster than the company DHCP server.
>
>
> Sure. You can also answer DNS requests faster than the company DNS
> server. There's nothing new here, these protocols are insecure. Barring
> widespread use of DNSSEC, security has to come at a higher level via
> IPSec, TLS, etc.
DNS or DHCP?
More information about the fedora-devel-list
mailing list