by 1oooqooq
771 days ago
why fish for fwupd? systemd-resolved, which is everywhere, will open (at request) an LLMNR server (a.k.a. mDNS, née Microsoft NetBIOS) on port 5355. With IoT everyone has access to your LAN, so now people are making sure Linux also joins the REDACTED party.

btw, fix for fwupdmgr, since they have a low quality default conf file without commented out defaults:

```
# /etc/fwupd/fwupd.conf
[fwupd]
P2pPolicy=none
```
fix for resolved is commented out in /etc/systemd/resolved.conf: `LLMNR=no`, and you probably also want `DNSStubListener=no`. heck, here is a good default:

```
# /etc/systemd/resolved.conf
[Resolve]
DNS=9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
FallbackDNS=127.0.0.1 ::1
Domains=~.
DNSOverTLS=yes
LLMNR=no
DNSStubListener=no
```
|
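Added example, not part of either comment: a shell check that the three settings named in the comment above are active (uncommented) in the two files. The function names are hypothetical, the sample files are constructed, and drop-in directories such as `resolved.conf.d` are not read.

```shell
#!/bin/sh
# Added example (not from the thread): audit the three settings discussed above.

# ini_get FILE SECTION KEY: print the last uncommented value of KEY in [SECTION].
ini_get() {
    awk -v want="[$2]" -v key="$3" '
        { sub(/\r$/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        /^[#;]/ || $0 == "" { next }        # a commented-out default is not a setting
        /^\[.*\]$/ { insec = ($0 == want); next }
        insec && (eq = index($0, "=")) {
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            sub(/[ \t]+$/, "", k); sub(/^[ \t]+/, "", v)
            if (k == key) val = v           # a later assignment overrides an earlier one
        }
        END { print val }
    ' "$1"
}

# check FILE SECTION KEY WANT: report, and return 0 only if the effective value is WANT.
check() {
    _got=""
    [ -r "$1" ] && _got=$(ini_get "$1" "$2" "$3")
    if [ "$_got" = "$4" ]; then
        echo "OK   $1 [$2] $3=$_got"
    else
        echo "FAIL $1 [$2] $3=${_got:-<not set>} (want $4)"
        return 1
    fi
}

# audit RESOLVED_CONF FWUPD_CONF: returns non-zero if any setting is missing.
audit() {
    _rc=0
    check "$1" Resolve LLMNR no           || _rc=1
    check "$1" Resolve DNSStubListener no || _rc=1
    check "$2" fwupd P2pPolicy none       || _rc=1
    return $_rc
}

# demo: constructed sample files, one with only commented-out lines, one hardened.
demo() {
    d=$(mktemp -d)
    printf '[Resolve]\n#LLMNR=no\n#DNSStubListener=yes\n' > "$d/stock.conf"
    printf '[Resolve]\nLLMNR=no\nDNSStubListener=no\n'    > "$d/hard.conf"
    printf '[fwupd]\nP2pPolicy=none\n'                    > "$d/fwupd.conf"
    audit "$d/stock.conf" "$d/fwupd.conf"; echo "stock exit: $?"
    audit "$d/hard.conf"  "$d/fwupd.conf"; echo "hard exit: $?"
    rm -rf "$d"
}
```

On a real host, call `audit /etc/systemd/resolved.conf /etc/fwupd/fwupd.conf` after sourcing the file; `demo` runs the same check against the constructed samples.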
|
veering off-topic: I always thought mDNS was an Apple thing, since Bonjour is the most extensive implementation of it (and Windows sucks at it. In fact the only way I found to get a full mDNS implementation on Windows a few years ago was to install Bonjour via an installer extracted from iTunes for Windows).
The Wikipedia page for mDNS [1] doesn't have a lot of history information, saying just that the idea of mDNS was first proposed by Bill Woodcock & Bill Manning to the IETF in 2000, and neither seems obviously tied to Microsoft. Apple later published Bonjour in 2002, and mDNS only became an official RFC 6762 in 2013!
[1] https://en.wikipedia.org/wiki/Multicast_DNS