Maintained by: NLnet Labs

[Unbound-users] DNS poisoning - any ideas how this can happen?

Dave Warren
Tue Feb 10 22:49:23 CET 2015


On 2015-02-10 06:50, W.C.A. Wijngaards wrote:
> After off-list conversation (with conf and logs), the solution is
> harden-glue: yes in unbound.conf.  The default is yes, but in pfSense
> it was turned off.

Ouch, that seems like a sub-optimal configuration.

Was this in the unbound package available for pfSense 2.1 and earlier, 
or the native unbound implementation in pfSense 2.2? Did you log any 
bugs on the pfSense side or does this still need to be done?

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren