Knot Resolver is an open source DNS recursor written in C and LuaJIT. When you perform a dns lookup, a recursor initially starts asking the lookup query to a dns root server. This can then redirect to other servers, from where it can redirect to other servers and so on, until finally a server is reached that knows the answer or knows that the look-up is not possible. The latter can be the case if the name does not exist or the servers do not respond. cloudflare uses Knot Resolver for example for its 126.96.36.199 dns service. The developers of CZ NIC previously released version 5.1.1 with the following changes:
Knot Resolver 5.1.1 released
- fix CVE-2020-12667: mitigation for NXNSAttack DNS protocol vulnerability
- control sockets: recognize newline as command boundary
For more information please see blog post about NXNSattack.
|License type||Conditions (GNU/BSD/etc.)|