
Report: DNS Cache Poisoning Attack

Open idealeer opened this issue 11 months ago • 3 comments

We found that SmartDNS does not use randomization for the source port in DNS queries, which makes it susceptible to cache poisoning attacks.

idealeer avatar Jan 02 '25 15:01 idealeer

Use a fixed port?

Ryu-Z avatar Jan 21 '25 11:01 Ryu-Z

Use a fixed port?

Yes. It only changes the port when reconnecting.

PikuZheng avatar Jan 21 '25 12:01 PikuZheng

Currently, only one port number is used for communication, and no random port number is used.

The latest code adds some processing to determine the communication source IP and port, and the destination IP and port. If these IPs/ports are different, the data will be discarded, which can avoid some problems to a certain extent.

pymumu avatar Jan 21 '25 14:01 pymumu
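
The address check described in the last comment, sketched as an added example (not SmartDNS code; `PendingQuery`, `build_message`, `parse_question` and `check_response` are hypothetical names, and all addresses are constructed documentation values). It goes beyond the comment by also matching the transaction ID and question section. With a single fixed source port, `local` is the same for every query, so the 16-bit transaction ID and the question are the only per-query values checked.

```python
import struct
from collections import namedtuple

# Hypothetical record of one outstanding query: local/upstream are (ip, port).
PendingQuery = namedtuple("PendingQuery", "local upstream txid qname qtype")

def build_message(txid, qname, qtype, response=False):
    """Build a constructed one-question DNS message (sample input only)."""
    header = struct.pack("!HHHHHH", txid, 0x8180 if response else 0x0100, 1, 0, 0, 0)
    labels = qname.rstrip(".").split(".")
    name = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + name + struct.pack("!HH", qtype, 1)

def parse_question(msg):
    """Return (txid, is_response, qname, qtype), or None if malformed."""
    if len(msg) < 12:
        return None
    txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount != 1:
        return None
    labels, pos = [], 12
    while pos < len(msg) and msg[pos] != 0:
        n = msg[pos]
        if n > 63 or pos + 1 + n > len(msg):  # compressed or truncated label
            return None
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii", "replace").lower())
        pos += 1 + n
    if pos + 5 > len(msg):  # need the zero byte, QTYPE and QCLASS
        return None
    qtype = struct.unpack("!H", msg[pos + 1:pos + 3])[0]
    return txid, bool(flags & 0x8000), ".".join(labels), qtype

def check_response(q, src, dst, msg):
    """Return 'accept', or the reason the datagram is discarded."""
    # 1. Address check: the datagram must come from the upstream that was
    #    queried and arrive on the local address/port the query left from.
    if src != q.upstream or dst != q.local:
        return "address-mismatch"
    parsed = parse_question(msg)
    if parsed is None or not parsed[1]:  # unparsable, or not a response
        return "malformed"
    # 2. Transaction ID must match the outstanding query.
    if parsed[0] != q.txid:
        return "txid-mismatch"
    # 3. The echoed question must match (names compare case-insensitively).
    if parsed[2:] != (q.qname.lower().rstrip("."), q.qtype):
        return "question-mismatch"
    return "accept"
```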