Home > mailing lists

Re: Insecure DNS servers on PG infrastructure - Mailing list pgsql-www

From	Joshua D. Drake
Subject	Re: Insecure DNS servers on PG infrastructure
Date	July 27, 2008 21:24:45
Msg-id	488CBFB6.6000207@commandprompt.com Whole thread Raw
In response to	Re: Insecure DNS servers on PG infrastructure (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Insecure DNS servers on PG infrastructure (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-www

Tree view

Tom Lane wrote:
> Andrew Sullivan <ajs@commandprompt.com> writes:
>> On Fri, Jul 25, 2008 at 11:02:03AM -0400, Tom Lane wrote:
>>> If it says FAIR or POOR then you have an unpatched server or there
>>> is something interfering with the port randomization.  If the server
>>> is behind a NAT firewall then the latter is entirely likely.
> 
>> There's no reason that a NAT should do that, if the device is
>> competently built: if you randomise source ports on the inside, the
>> NAT device could just use the same port on the outside.


Tom can you check if this has been resolved? If not I am going to start 
paging people.

Joshua D. Drake

pgsql-www by date:

From: Andrew Sullivan
Date: 25 July 2008, 22:04:57
Subject: Re: Insecure DNS servers on PG infrastructure

From: Stefan Kaltenbrunner
Date: 27 July 2008, 21:34:53
Subject: Re: Insecure DNS servers on PG infrastructure

Re: Insecure DNS servers on PG infrastructure - Mailing list pgsql-www

Previous

Next