ืกืคึผืขืกืืึทืืืกืฅ ืคืื JSOF ืคืึธืจืฉืื ื ืืึทืื ืืขืืืืื ืืืื ื ืืึท ืืืึทืื ืขืจืึทืืืืืืื ืืื ืื ืื ืก / DHCP ืกืขืจืืืขืจ ืื ืกืืึทืกืง. ืื ืื ืกืืึทืกืง ืกืขืจืืืขืจ ืืื ืืืืขืจ ืคืึธืืงืก ืืื ืืื ืืขื ืืฆื ืืืจื ืคืขืืืงืืึทื ืืื ืคืืืข ืืื ืืงืก ืืืกืืจืืืืืฉืึทื ื, ืืื ืืขืืื ื ืืื ืืื ื ืขืฅ ืืืกืจืืื ืคืื Cisco, Ubiquiti ืืื ืื ืืขืจืข. Dnspooq ืืืึทืื ืขืจืึทืืืืืืื ืึทืจืืึทื ื ืขืืขื DNS ืงืึทืฉ ืคืึทืจืกืึทืืื ื ืืื ืืืืึทื ืงืึธื ืืืจืืคืืจืื ื. ืื ืืืึทืื ืขืจืึทืืืืืืื ืืขื ืขื ืคืึทืจืคืขืกืืืงื ืืื dnsmasq 2.83.
ืืื 2008, ืืขืจ ืืึทืจืืื ืืืืขืจืืืื ืคืึธืจืฉืขืจ ืื ืงืึทืืื ืกืงื ืืืกืงืึทืืืขืจื ืืื ืืงืกืคึผืึธืืื ืึท ืคืื ืืึทืืขื ืืึทื ืืกืจืื ืืื ืื ืืื ืืขืจื ืขื ืก ืื ืก ืืขืงืึทื ืืืึทื. ืงืึทืืื ืกืงื ืคึผืจืืืื ืึทื ืึทืืึทืงืขืจื ืงืขื ืขื ืฉืืืื ืื ืคืขืื ืึทืืจืขืกืขืก ืืื ืืึทื ืืืขื ืขื ืืึทืื. ืื ืก ืื ื ืฉืื ื ืืขืฐืข ื ืืืงืื ื ืื ื ืดืงืืืื ืกืงืึพืืืืงืด .
ืื ืก ืืื ืืขืืืืื ืึท ืื ืกืึทืงืืขืจ ืคึผืจืึธืืึธืงืึธื ืคึฟืึทืจ ืืขืงืึทืืขืก, ืืึธืืฉ ืขืก ืืื ืืขืืืื ื ืฆื ืืึทืจืึทื ืืืจื ืึท ืืืืขืจ ืืืจืื ืคืื ืึธืจื ืืืขืืงืืึทื. ืขืก ืืื ืคึฟืึทืจ ืืขื ืกืืื ืึทื ืขืก ืืื ื ืึธื ืฉืืืขืจ ืคืึทืจืืึธืื ืืืืฃ. ืืื ืืขืจ ืืขืืืืงืขืจ ืฆืืื, ืืขืงืึทื ืืืึทืื ืืขื ืขื ืืขืืืขืืึธืคึผืขื ืฆื ืคึฟืึทืจืืขืกืขืจื ืื ืืืืขืจืืืื ืคืื ืืขืจ ืึธืจืืืื ืขื ืื ืก ืคึผืจืึธืืึธืงืึธื. ืื ืืขืงืึทื ืืืึทืื ืึทืจืืึทื ื ืขืืขื HTTPS, HSTS, DNSSEC ืืื ืื ืืขืจืข ืื ืืฉืึทืืืืื. ืึธืืขืจ, ืืคืืื ืืื ืึทืืข ืื ืืขืงืึทื ืืืึทืื ืืื ืคึผืืึทืฅ, ืื ืก ืืืืืืฉืึทืงืื ื ืืื ื ืึธื ืึท ืืขืคืขืจืืขื ืืึทืคืึทืื ืืื 2021. ืคืื ืคืื ืืขืจ ืืื ืืขืจื ืขืฅ ืจืืืืื ื ืึธื ืืืืฃ ืื ืก ืืื ืื ืืขืืืข ืืืขื ืขืก ืืื ืืื 2008, ืืื ืืื ืกืึทืกืขืคึผืืึทืืึทื ืฆื ืื ืืขืืืข ืืืืคึผืก ืคืื ืื ืคืืื.
ืืืึทืื ืขืจืึทืืืืืืื ืคืื DNspooq ืงืึทืฉ ืคืึทืจืกืึทืืื ื:
CVE-2020-25686, CVE-2020-25684, CVE-2020-25685. ืื ืืืึทืื ืขืจืึทืืืืืืื ืืขื ืขื ืขื ืืขื ืฆื SAD DNS ืื ืคืืื ืืขืฆืื ืก ืืขืืืืื ืืืจื ืจืืกืขืจืืฉืขืจื ืคืื ืื ืืื ืืืืขืจืกืืืขื ืคืื ืงืึทืืืคืึธืจื ืืึท ืืื ืฆืื ืืืืึท ืืื ืืืืขืจืกืืืขื. SAD DNS ืืื DNSpooq ืืืึทืื ืขืจืึทืืืืืืื ืงืขื ืขื ืืืื ืืืื ืงืึทืืืืื ื ืฆื ืืึทืื ืื ืคืืื ืืคืืื ืืจืื ืืขืจ. ื ืึธื ืึทืืึทืงืขืก ืืื ืืืงืืึธืจ ืงืึทื ืกืึทืงืืืขื ืกืึทื ืืขื ืขื ืืืื ืจืขืคึผืึธืจืืขื ืืืจื ืฉืืึธืก ืืฉืชืืืืช ืคืื ืืื ืืืืขืจืกืืืขืื (ืกื ืืืืขืจ ืืืจืืืง ืคืึธืจืืืขืจืืขืจื, ืืื"ื ื).
ืืืึทืื ืขืจืึทืืืืืืื ืึทืจืืขื ืืืจื ืจืืืืกืื ื ืขื ืืจืึธืคึผืืข. ืจืขืื ืฆื ืืขืจ ื ืืฆื ืคืื ืึท ืฉืืืึทื ืืึทืฉ ืฆื ืืืขื ืืืคืืฆืืจื DNS ืจืืงืืืขืก ืืื ืื ืืืคึผืื ืงืืืขื ืืืืึทืื ืคืื ืื ืืขืื ืฆื ืืขืจ ืขื ืืคืขืจ, ืขื ืืจืึธืคึผื ืงืขื ืขื ืืืื ืืืืขืจ ืจืืืืกื ืืื ืืืืื ~ 19 ืืืื ืืึทืจืคึฟื ืฆื ืืืื ืืขืกื, ืืืึธืก ืืืื ืงืึทืฉ ืคืึทืจืกืึทืืื ื ืืขืืืขื. ืื ืืืขื ืื ืกืืึทืกืง ืคึผืจืึทืกืขืกืึทื CNAME ืจืขืงืึธืจืืก ืึทืืึทืื ืขืก ืฆื ืฉืืืื ืื ืึท ืงืืื ืคืื CNAME ืจืขืงืึธืจืืก ืืื ืืคืขืงืืืืืื ืืืคื ืึทืจืืืฃ ืฆื 9 ืื ืก ืจืขืงืึธืจืืก ืืื ืึท ืฆืืื.
ืืึทืคืขืจ ืึธืืืืขืจืคืืึธื ืืืึทืื ืขืจืึทืืืืืืื: CVE-2020-25687, CVE-2020-25683, CVE-2020-25682, CVE-2020-25681. ืึทืืข 4 ืืืืขืจืงื ืืืึทืื ืขืจืึทืืืืืืื ืืขื ืขื ืคืึธืจืฉืืขืื ืืื ืงืึธื ืืื DNSSEC ืืืคึผืืึทืืขื ืืืืฉืึทื ืืื ืืขืจืฉืืึทื ืขื ืืืืื ืืืขื ืงืึธื ืืจืึธืืืจืื ื ืืืจื DNSSEC ืืื ืขื ืืืืึทืื ืืื ืื ืกืขืืืื ืืก.
ืืงืืจ: linux.org.ru