In Progress [UPS-291] cPanel DNSOnly: SAD DNS / DNS Spoofing protection

M

MindServer

Well-Known Member
Mar 18, 2020
236
32
28
Spain
cPanel Access Level
Root Administrator
Hi,

Today KernelCare writed a post in her blog where talk about SAD DNS. I have various web servers (with WHM/cPanel) and one Cluster DNS (whith cPanel DNSOnly).

"WHM/cPanel" and "cPanel DNSOnly" have protection against SAD DNS / DNS Spoofing?. Or I need do anything for protect the domains and DNS against this attacks?.

I have:

Web servers: CloudLinux 7 + WHM/cPanel
Cluster DNS: CentOS 7 + cPanel DNSOnly

All updated to latest version.

Thank you very much. Have a nice day.
 
Last edited:
W

WasChristine

Technical Analyst
Aug 10, 2018
57
11
83
Houston, TX
cPanel Access Level
Root Administrator
Geretings.

We were not able to locate the KernelCare post that you mentioned, though we do know that there is currently a known vulnerability that is being investigated under these links:

1894579 – (CVE-2020-25705) CVE-2020-25705 kernel: ICMP rate limiting can be used for DNS poisoning attack

bugzilla.redhat.com bugzilla.redhat.com

Red Hat Customer Portal - Access to 24x7 support and knowledge

access.redhat.com access.redhat.com

We filed an internal case for tracking as well, which I will update this post's title with. For now it would appear that we are awaiting on an update on these two posts to see what the next course of action is.
 
  • Like
Reactions: MindServer
M

MindServer

Well-Known Member
Mar 18, 2020
236
32
28
Spain
cPanel Access Level
Root Administrator
cPanelChristine said:
Geretings.

We were not able to locate the KernelCare post that you mentioned, though we do know that there is currently a known vulnerability that is being investigated under these links:
Click to expand...
Thank you very much. This is the post, for you can check additional information: KernelCare Patches for SAD DNS Are On The Way

Most of us use CloudLinux 7 and CentOS 7, the vulnerabily affect to this OS?.

I hope this will be solved soon before have problems. Have a nice day.
 
W

WasChristine

Technical Analyst
Aug 10, 2018
57
11
83
Houston, TX
cPanel Access Level
Root Administrator
Greetings,

The vulnerability appears to affect the kernel from what we have found so far. It may be worth mentioning that there are some suggestions on the bug report here that may help with getting around the problem. Unless this is actively causing issues, we would recommend waiting on updates.
 
  • Like
Reactions: MindServer
cPRex

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
11,032
1,741
363
cPanel Access Level
Root Administrator
  • Like
Reactions: MindServer
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
cPanelMichael SOLVED Using “/scripts/cpdig” as a diagnostic tool for DNS lookups. Domain Management 0
G Purpose of /var/cpanel/dnsrequests_db and failing backups Domain Management 1
C Server lockups - dbindex / updateuserdomains Domain Management 11
brianjking Migrating from 1 VPS to New VPS Error (DNS & Site Content) - Also Backups & SSH Keys Domain Management 4
S DNS Lookups Domain Management 1
Similar threads
SOLVED Using “/scripts/cpdig” as a diagnostic tool for DNS lookups.
Purpose of /var/cpanel/dnsrequests_db and failing backups
Server lockups - dbindex / updateuserdomains
Migrating from 1 VPS to New VPS Error (DNS & Site Content) - Also Backups & SSH Keys
DNS Lookups
Top Bottom