[Unbound-users] "outgoing tcp": connect failed due to link-local destinations (and other bogus addresses)
Yuri Schaeffer
yuri at nlnetlabs.nl
Tue Sep 9 21:50:00 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Jeroen,
> (Browsers going to connect to local sites (RFC1918/link-local etc)
> is of course a scary thing when it a remote site specifying some
> remotely controlled DNS server specifying those local addresses,
> but that is a browser issue).
Using the "private-address" directive in unbound.conf, Unbound can
protect you against such DNS rebinding attacks.
Could you elaborate on the significance of querying multicast addresses?
Regards.,
Yuri
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlQPdggACgkQI3PTR4mhavgFhQCfW0sGPvEGgw5OtLo46LYDG535
0RkAniAON2XSwG+R882rEB2zlbrFzF35
=Ei+3
-----END PGP SIGNATURE-----
More information about the Unbound-users
mailing list