Vulnerability

MacDNS

Affected

Mac

Description

MacDNS has been crashing on a 6100/66. The cause is that the firewall sends DNS requests at a rate high enough to crash MacDNS. Among other things, the firewall attempts to resolve the inverse domain name of every URL requested by users, which could amount to bursts of several DNS requests per second over several seconds. This may have resulted in some buffer in either MacOS or MacDNS being overrun, followed by an O/S crash. (Warning: this might be used for a D.O.S. attack on sites using MacDNS.) This problem may or may not apply to other Mac-based DNS products. Credit goes to Dan Brown.

Solution

The solution is to reconfigure the bastion host to use its own name resolver. However, this may expose some internal DNS information to the outside world; we are considering using packet filtering to address this problem.
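
To spot the load pattern described above (one client sending several requests per second, sustained over several seconds), a defender could run a check like the following over a DNS query log. This is an added example, not part of the original advisory; the log format, the addresses and the thresholds `min_qps` and `min_seconds` are assumptions, since the advisory gives no exact figures.

```python
from collections import defaultdict

# Constructed sample log, one query per line: "<epoch_seconds> <client> <qname>".
# Format, addresses and names are assumptions made for this example.
SAMPLE_LOG = "\n".join(
    # Firewall doing reverse lookups: 4 queries/second for 4 seconds.
    [f"{s}.{i} 192.0.2.1 {i + s}.100.51.198.in-addr.arpa"
     for s in range(100, 104) for i in range(4)]
    # Ordinary client: 1 query/second.
    + [f"{s}.5 192.0.2.50 www.example.com" for s in range(100, 110)]
    # One-second spike that is not sustained.
    + [f"120.{i} 192.0.2.60 host{i}.example.com" for i in range(5)]
    + ["truncated-line"]
)

def parse(log):
    """Yield (whole_second, client) per well-formed line; skip the rest."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            yield int(float(parts[0])), parts[1]
        except ValueError:
            continue

def sustained_bursts(log, min_qps=3, min_seconds=3):
    """Map client -> [(first_sec, last_sec)] for runs of at least min_seconds
    consecutive seconds that each contain at least min_qps queries."""
    counts = defaultdict(lambda: defaultdict(int))
    for sec, client in parse(log):
        counts[client][sec] += 1
    findings = {}
    for client, per_sec in counts.items():
        hot = sorted(s for s, n in per_sec.items() if n >= min_qps)
        runs, start = [], None
        for i, s in enumerate(hot):
            if start is None:
                start = s
            # Close the run when the next hot second is not adjacent.
            if i + 1 == len(hot) or hot[i + 1] != s + 1:
                if s - start + 1 >= min_seconds:
                    runs.append((start, s))
                start = None
        if runs:
            findings[client] = runs
    return findings
```

On the constructed log, only the firewall address is reported; the steady client and the one-second spike are not.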