Commit cf66e748 authored by Jeremy C. Reed's avatar Jeremy C. Reed
Browse files

modify warning about abuse of the dhcp-ddns server

discussed little on jabber.
I opened a new ticket to fix code to at #3514
parent 7dfa7561
......@@ -168,14 +168,15 @@
</para>
<warning>
<simpara>
When the DHCP-DDNS server is configured to listen at an address
other than the loopback address (127.0.0.1 or ::1), it is possible
for a malicious attacker to send bogus NameChangeRequests to it
and change entries in the DNS. For this reason, addresses other
than the IPv4 or IPv6 loopback addresses should only be used
for testing purposes. A future version of Kea will implement
It is possible for a malicious attacker to send bogus
NameChangeRequests to the DHCP-DDNS server. Addresses
other than the IPv4 or IPv6 loopback addresses (127.0.0.1
or ::1) should only be used for testing purposes, but
note that local users may still communicate with the
DHCP-DDNS server. A future version of Kea will implement
authentication to guard against such attacks.
</simpara>
<!-- see ticket #3514 -->
</warning>
<note>
<simpara>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment