this post was submitted on 16 Feb 2024
146 points (99.3% liked)

Selfhosted

60426 readers
358 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

Researchers recently found a vulnerability in the way DNS resolvers handle DNSSEC validation that allow attackers to DoS resolvers with a single DNS request

https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/

It is highly recommended to upgrade your resolvers to the following versions:

you are viewing a single comment's thread
view the rest of the comments
[–] muntedcrocodile@lemmy.world 1 points 2 years ago (1 children)

What about on mobile? Those of us who use dns filtering on mobile.

[–] BlackEco@lemmy.blackeco.com 1 points 2 years ago* (last edited 2 years ago) (1 children)

I'm not familiar with off-the-shelf DNS filtering on mobile, but since running a DNS resolver on-device would be impractical, I think they must be using a DNS server that they maintain. Which means that unless I'm wrong, the vulnerability lies on their end, you should be fine.

[–] muntedcrocodile@lemmy.world 2 points 2 years ago (1 children)

I been using rethink dns but ik their are other for android at least. Works by making a local vpn magic.

[–] BlackEco@lemmy.blackeco.com 2 points 2 years ago

They maintain their own resolver, so they have to patch it if not done already.