1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is Tomato 1.19 vulnerable to DNS cache poisoning?

Discussion in 'Tomato Firmware' started by Morac, Jul 9, 2008.

  1. Morac

    Morac Network Guru Member

    As you may or may not be aware of, there was a massive patch release yesterday where tons of vendors simultaneously fixed a design flaw in DNS which "allows an attacker to introduce forged DNS information into the cache of a caching nameserver."

    Since the Tomato firmware uses Dnsmasq, which caches internet addresses, I'm curious as to whether or not it is vulnerable to the flaw. The author of Dnsmasq stated that he doesn't know if Dnsmasq is affected or not, but plans to implement fixes anyway.

    The flaw also affects: BIND (especially version 8). What version (if any) does the router use?

    DNS forgery test page
  2. HennieM

    HennieM Network Guru Member

    Only dnsmasq on Tomato for DNS AFAIK, except if you install something else.

    The way I read the bug, hackers must get your DNS to run queries; i.e. they must be able to "talk" to your DNS.

    Thus, if you have dnsmasq, or whatever server you use, listening/running only on br0, or your private net side, hackers can't get to it. It seems by default dnsmasq listens only on br0, so Tomato works around the bug, provided that you keep br0 private.
  3. Morac

    Morac Network Guru Member

    Well I should be okay then since my private side is encrypted. People with public (open) client-side networks could be in trouble though. I guess one could always just disable the option to use DNS in the router itself if need be.

    Still the fact that nearly every vendor and ISP patched this simultaneously makes me wonder.
  4. nvtweak

    nvtweak LI Guru Member

    dnsmasq has already been patched. My guess is Jon will update it when the fix is deemed stable (it's currently only in RC status)..

Share This Page