Dnsmasq Vulnerabilities Threaten DNS Integrity


PHolder

I came across a beta update for my router and it mentioned a hotfix for dnsmasq-related issues, so I did a quick Google and this turned up.


@Steve, could be a topic for the podcast.
 

pmikep

I saw that update for my EdgeMax's. But I use BIND and so disabled DNS caching in my router. (I can't find (using a quick DDG search) whether BIND is susceptible to DNSpooq or not. Nor is there anything about pooq that I can find in the BIND 9.17.9 Release Notes.)
 

MichaelRSorg

This is a great test of your router vendor. This bug flies under the radar. Does your router vendor fix it? Do they say anything at all about it? My preferred router vendor (Peplink) was asked about it and found the vulnerable software in only one of their models and only in one specific use case. If you have a consumer router from Netgear, Linksys, Asus, TP-Link, D-Link, etc., try to see if they acknowledge this in any way.
 

pioruns

I saw that update for my EdgeMax's. But I use BIND and so disabled DNS caching in my router. (I can't find (using a quick DDG search) whether BIND is susceptible to DNSpooq or not. Nor is there anything about pooq that I can find in the BIND 9.17.9 Release Notes.)

I also use BIND in my local network and I didn't realize that EdgeRouter X is running another DNS service (dnsmasq) with its own cache. Now I've disabled it. Thanks.
 

pmikep

Not only that, but Windows (if you're running it) has ITS own DNS cache too.

I disable the service in Windows, although doing that generates errors in the Event Log. (And, IIRC, causes problems for other services that depend on the DNS service.)