Hacker News new | past | comments | ask | show | jobs | submit login
Linux has a serious security problem that once again enables DNS cache poisoning (arstechnica.com)
4 points by leephillips on Nov 17, 2021 | hide | past | favorite | 1 comment



So in summary this leverages ICMP redirects as the side channel attack. That seems fairly straight forward to mitigate, by disabling ICMP redirects. I believe this is already a common practice by anyone following the current CIS and/or NIST guidelines and benchmarks.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: