http://blog.pfsense.org/?p=220 News, reviews and more related to the pfSense firewall project Fri, 17 May 2013 19:48:23 +0000 hourly 1 http://wordpress.org/?v=3.5.1 http://blog.pfsense.org/?p=220&cpage=1#comment-1653 Chris Buechler Thu, 24 Jul 2008 15:34:49 +0000 http://blog.pfsense.org/?p=220#comment-1653 Another explanation if anyone is interested
http://www.avertlabs.com/research/blog/index.php/2008/07/23/the-cat-is-out-of-the-bag-dns-bug/

]]> http://blog.pfsense.org/?p=220&cpage=1#comment-1650 Chris Buechler Thu, 24 Jul 2008 02:39:18 +0000 http://blog.pfsense.org/?p=220#comment-1650 Exploits are now widely available for this.
http://blogs.zdnet.com/security/?p=1545

]]> http://blog.pfsense.org/?p=220&cpage=1#comment-1648 Chris Buechler Wed, 23 Jul 2008 21:43:38 +0000 http://blog.pfsense.org/?p=220#comment-1648 Beat: Well it would be there with or without you. But yes, your situation did indeed further bring to light the need to be careful what is providing NAT in your environment. pf’s NAT is excellent from a security perspective – many, many other commercial and open source options are terrible about this and will leave you vulnerable to this particular attack as well as other possible issues in the future.

]]> http://blog.pfsense.org/?p=220&cpage=1#comment-1647 Beat Wed, 23 Jul 2008 21:27:51 +0000 http://blog.pfsense.org/?p=220#comment-1647 I feel a bit involvet at least for the last paragraph. Seems like a abstract from recently discussed thread “[pfSense Support] DNS cache poisoning (solved)”

]]>