|
|
|
|
|
|
by justsomehnguy
44 days ago
|
|
|
> systemd-resolved was initially missing basic security best practices (source port randomization, if I remember correctly), despite their being well established and well known in the DNS community https://lists.dns-oarc.net/pipermail/dns-operations/2016-Jun... It was fixed in 2016. RFC5452 is 2009. As the first paragraph states it's not a big problem for a local forwarder but all other bullet points are on the case. |
|
|