I’ve just read this blog : http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
Is RouterOS DNS secure?
sorry for my poor english, I hope you got my point.
you can check if your vulnerable here:
What happens with RouterOS DNS caching service is that it forwards the queries onto whatever you’ve specified in /ip dns. So, I don’t believe RouterOS is directly vulnerable, however, if you are pointing RouterOS to affected resolvers then you are vulnerable. Using the above URL will show you what server is making the queries for you. It would be nice if you could point those to the root servers directly but it seems RouterOS only does forwarding.
Sam
and because most browsing is proxied, it’s only the last DNS server that is actually reported.
It’s the ISPs that control this so I can’t see Mikrotik being able to do this?
Here is an alternate test:
$ dig +short porttest.dns-oarc.net TXT
You should get back some output like this:
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
“xxx.xxx.xxx.xxx is FAIR: 26 queries in 0.1 seconds from 25 ports with std dev 3843.00”
changeip, hilton
thank you for pointing me in, ROS is safe. It’s the DNS of my ISP that is vulnerable.