Security issue: open DNS Resolver (port 53)
FreeNAS 11 RC1 and RC2 both have an open DNS Resolver (port 53). Our local security team are advising that this is a security risk and are threatening to block ports ;)
FN9.10U3 (e1497f269) does NOT have this service open.
We believe this is NOT intentional and likely due to the local DNS resolver being unbound.
#2 Updated by Kris Moore over 3 years ago
- Status changed from Unscreened to Needs Developer Review
- Assignee changed from Kris Moore to William Grzybowski
- Priority changed from No priority to Nice to have
- Target version set to 11.0
This was let on while we tested consul functionality. I've disabled dnsmasq by default now, but we will revisit making it a UI option to enable at some point down the road in order to use consul-based failover functionality.