- Jan 18, 2011
- 139
- 2
- 81
Multicast DNS (mDNS) implementations may respond to unicast queries originating outside the local link
Vulnerability Note VU#550620
https://www.kb.cert.org/vuls/id/550620
https://archive.is/DgwTI
= Solution =
"Block inbound and outbound mDNS on the WAN
If such mDNS behavior is not a requirement for your organization, consider blocking the mDNS UDP port 5353 from entering or leaving your local link network.
Disable mDNS services
Some software and devices may allow disabling of the mDNS services. Please consult with the vendor of your product."
"In Linux, the Avahi software is also known to allow unicast queries."
I've always despised Avahi.
Vulnerability Note VU#550620
https://www.kb.cert.org/vuls/id/550620
https://archive.is/DgwTI
= Solution =
"Block inbound and outbound mDNS on the WAN
If such mDNS behavior is not a requirement for your organization, consider blocking the mDNS UDP port 5353 from entering or leaving your local link network.
Disable mDNS services
Some software and devices may allow disabling of the mDNS services. Please consult with the vendor of your product."
"In Linux, the Avahi software is also known to allow unicast queries."
I've always despised Avahi.
Facebook
Twitter