netblue30
commented
4 years ago Thanks for the patch. The reason I don't want to use the TTL value from the replay is because I don't want to parse the response packet - cache poisoning becomes very attractive for an attacker. I'll increase the TTL to 5 minutes.
I run a small network of windows stations - not more than 10. The cache is running full. I have replaced it with a hashtable. Also, can we increase the TTL from 180 seconds? Or maybe just use the value coming in the replay?