Elementary OS is susceptible to DNS cache poisoning
Bug #1560783 reported by
Bob Meyers
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| elementary OS |
New
|
Wishlist
|
Unassigned | ||
Bug Description
Elementary uses the default DNS servers which belong to the Internet provider. This leaves it exposed to all manner of cache poisoning tricks which have been documented extensively in the wild. Defaulting to OpenDNS servers by hardcoded IP address would be one good way to address this. If the user overrides these addresses, then perhaps future new connections should default to the DNS server IPs most recently provided. cjDNS is also worth looking into. There is no magic bullet here, but the security situation could easily be improved.
| Changed in elementaryos: | |
| importance: | Undecided → Wishlist |
Revision history for this message
| Ciaran McAleer (ciaran39) wrote | #1 |
To post a comment you must log in.
Could you use a poison tap to gain access to any accounts I dont have one but someone could try it to see if the vulnerability is still there. btw flag it as a security risk asap