How 2 stop unapproved updates?
mycos at my-deja.com
Mon Apr 17 18:39:12 UTC 2000
In article <006101bfa891$e00b1450$7cc2a8ce at WALTERB>,
"Cricket Liu" <cricket at acmebw.com> wrote:
> > How do I keep the following from happening? Is there a port I can block?
> > What effect does the following have on my DNS?
>
> See http://www.acmebw.com/askmrdns/bind-messages.htm#idx_u.
I didn't find the answer there as to which port is used... I've looked
for this information as well. In fact, RFC 2136 (someone correct me if
that's not the latest/best RFC for DDNS stuff) doesn't mention a port
number anywhere that I can find, so my guess is that it's all happening
over 53 (or whatever is specified in named.conf).
My understanding is that by default queries happen over udp/53 and
xfers over tcp/53. So lacking any other easy answers I ran tcpdump and
tried an update (from .1 to .69 as shown below, this is _only_ UDP):
192.168.1.1.1079 > 192.168.1.69.53: 28553 op5 [1n] SOA? bogustestdomain.com. (52)
192.168.1.69.53 > 192.168.1.1.1079: 28553 op5 Refused 0/1/0 (52)
So I think that the short answer to the question "Can I block DDNS
updates at the port level" is no, not if you want your server to still
answer regular queries on udp 53.
mYcos
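
An added illustration, not part of the original post: the "op5" in the tcpdump lines is the DNS opcode for UPDATE, carried in the message header, so an update request and an ordinary query differ only in those header bits and not in the port they use. The Python below parses that header; the packets are constructed samples modelled on the capture above (section counts simplified), and all function names are hypothetical.

```python
import struct

OPCODES = {0: "QUERY", 4: "NOTIFY", 5: "UPDATE"}   # 5 is tcpdump's "op5"
RCODES = {0: "NoError", 5: "Refused"}
SOA, A = 6, 1                                      # record type codes

def encode_name(name):
    """Encode a domain name as length-prefixed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_message(msg_id, opcode, name, qtype, response=False, rcode=0):
    """Constructed sample: 12-byte header plus one question/zone entry."""
    flags = (int(response) << 15) | (opcode << 11) | rcode
    header = struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def parse_header(packet):
    """Decode the fixed DNS header; the port never appears in it."""
    if len(packet) < 12:
        raise ValueError("shorter than a DNS header")
    msg_id, flags, c1, c2, c3, c4 = struct.unpack("!HHHHHH", packet[:12])
    opcode = (flags >> 11) & 0xF
    rcode = flags & 0xF
    return {
        "id": msg_id,
        "response": bool(flags >> 15),
        "opcode": OPCODES.get(opcode, f"op{opcode}"),
        "rcode": RCODES.get(rcode, str(rcode)),
        "counts": (c1, c2, c3, c4),
    }

def is_dynamic_update(packet):
    """True for an UPDATE request, the only thing a filter could key on."""
    h = parse_header(packet)
    return h["opcode"] == "UPDATE" and not h["response"]

# Constructed packets: the update attempt, its refusal, and a normal query.
update = build_message(28553, 5, "bogustestdomain.com", SOA)
refusal = build_message(28553, 5, "bogustestdomain.com", SOA, response=True, rcode=5)
query = build_message(4660, 0, "bogustestdomain.com", A)

if __name__ == "__main__":
    for label, pkt in [("update", update), ("refusal", refusal), ("query", query)]:
        print(label, parse_header(pkt), "update request:", is_dynamic_update(pkt))
```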