Commit cf66e748 authored by Jeremy C. Reed's avatar Jeremy C. Reed
Browse files

modify warning about abuse of the dhcp-ddns server

discussed little on jabber.
I opened a new ticket to fix code to at #3514
parent 7dfa7561
...@@ -168,14 +168,15 @@ ...@@ -168,14 +168,15 @@
</para> </para>
<warning> <warning>
<simpara> <simpara>
When the DHCP-DDNS server is configured to listen at an address It is possible for a malicious attacker to send bogus
other than the loopback address (127.0.0.1 or ::1), it is possible NameChangeRequests to the DHCP-DDNS server. Addresses
for a malicious attacker to send bogus NameChangeRequests to it other than the IPv4 or IPv6 loopback addresses (127.0.0.1
and change entries in the DNS. For this reason, addresses other or ::1) should only be used for testing purposes, but
than the IPv4 or IPv6 loopback addresses should only be used note that local users may still communicate with the
for testing purposes. A future version of Kea will implement DHCP-DDNS server. A future version of Kea will implement
authentication to guard against such attacks. authentication to guard against such attacks.
</simpara> </simpara>
<!-- see ticket #3514 -->
</warning> </warning>
<note> <note>
<simpara> <simpara>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment