I was curious on what actual version of dnsmasq is runng? I couldn't find any literature on this. The reason I asked. Was talking to my colleuge and he had it running a few months ago. He said virgin media emailed him and told him to turn it off because of open DNS resolver. I did some digging and found out that versions of DNSmasq can be used for DNS amplification attacks via http://www.cvedetails.com/cve/CVE-2012-3411/
is DNSmasq above 2.62test1 on the pi hole now?
anybody worried about this should do some pen testing and follow this guide
I will be trying the tonight. but I was also hoping for some real person confirmation other than my testing
It totally depends on the operating system! We don't bundle dnsmasq binaries in with the pi-hole install script, instead we depend on the package repository for raspbian/debian/Ubuntu/Centos etc
He really shouldn't have port 53 forwarded from the outside world! Best thing to do if you want to access your pi-hole over the internet, is to also host an openVPN server.
thanks for the fast reply, that explains why I can't find any documentation on pi hole having dnsmasq. I'll manually update it tonight and check
I am not 100% sure of his setup I don't think he would have been so negligent but I will talk to him to get more details. I was just googling after he mention something similar to this http://community.virginmedia.com/t5/Security-matters/Virgin-Media-Security-Alert-Open-DNS-Resolver-Vulnerability/td-p/3050503
.
I was under the impression that VM wants you to have their DNS to control your internet and block websites and it’s pretty obvious when you change it because all of a sudden VM doesn't get any requests but is still serving data
