|dnsmasq with dnssec||0.75||0.4||2907||25|
] Dnsmasq is a lightweight tool that provides DNS caching, DNS forwarding and DHCP (Dynamic Host Configuration Protocol) services. The utility has been around for around 20 years and is part of the standard set of tools in many Linux distributions, including Android.How to set the number of cached domain names in Dnsmasq?
Set the number of cached domain names with cache-size= size (the default is 150 and the hard limit is 10000 ): To validate DNSSEC load the DNSSEC trust anchors provided by the dnsmasq package and set the option dnssec :Why is Dnsmasq vulnerable to DNS signature fraud?
This means the dnsmasq instance will be vulnerable if it's configured with DNSSEC support, which is recommended for security reasons, but the attacker doesn't need to send DNS responses that are actually digitally signed with a legitimate signature because the flaws are located before the signature validation step.How do I forward Dnsmasq to another DNS server?
Since dnsmasq is a stub resolver not a recursive resolver you must set up forwarding to an external DNS server. This can be done automatically by using openresolv or by manually specifying the DNS server address in dnsmasq's configuration.