telnet to port 53?
Kevin Darcy
kcd at daimlerchrysler.com
Fri Dec 10 22:40:50 UTC 1999
Barry Margolin wrote:
> In article <19991210131718.C920 at adams.cospo.osis.gov>,
> Joseph S D Yao <jsdy at cospo.osis.gov> wrote:
> >On Mon, Dec 06, 1999 at 05:32:53PM -0500, David wrote:
> >> Hi,
> >> Should I be able to telnet to port 53? If not, how can I disable it?
> >>
> >> Thanks
> >> David
> >
> >If you have the port open for DNS, then you can use 'telnet' to connect
> >to it. Some programs test for 'telnet' and reject it. But 'named' does
> >not. Why should it? ;-)
>
> How can a server "test for 'telnet'"? A TCP connection is a TCP
> connection, there's no way to tell what program initiated it.

Hypothetically, the server could send a telnet option and see how the client
responds. That would detect the vast majority of telnet clients.

Of course, the question remains: why would one want to detect telnet connections
in the first place? No-one's going to get anything out of a DNS server via telnet
that they couldn't more easily from other tools...

- Kevin
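
Added example, not part of the original post: a sketch of the check described in the reply above, where a server sends a Telnet option request and classifies what comes back. The choice of TERMINAL-TYPE as the probed option, the function names, and the sample byte strings are assumptions made for illustration.

```python
# Telnet command bytes (RFC 854) and one option code (RFC 1091).
IAC, DONT, DO, WONT, WILL = 255, 254, 253, 252, 251
TERMINAL_TYPE = 24  # assumed probe option; the post does not name one

# What the server would send first: "IAC DO TERMINAL-TYPE".
PROBE = bytes([IAC, DO, TERMINAL_TYPE])

def parse_negotiations(data: bytes):
    """Return (verb, option) pairs for each IAC WILL/WONT/DO/DONT in data."""
    found, i = [], 0
    while i < len(data):
        if data[i] != IAC:
            i += 1                      # ordinary data byte
            continue
        if i + 1 >= len(data):
            break                       # lone trailing IAC, nothing to decode
        cmd = data[i + 1]
        if cmd in (WILL, WONT, DO, DONT) and i + 2 < len(data):
            found.append((cmd, data[i + 2]))
            i += 3
        else:
            i += 2                      # IAC IAC (escaped 0xFF) or other command
    return found

def looks_like_telnet(reply: bytes, option: int = TERMINAL_TYPE) -> bool:
    """True if the peer answered our DO <option> with WILL or WONT for it."""
    return any(verb in (WILL, WONT) and opt == option
               for verb, opt in parse_negotiations(reply))

# Constructed sample replies (not captured traffic).
# A Telnet client: WILL TERMINAL-TYPE, then its own DO SUPPRESS-GO-AHEAD.
TELNET_REPLY = bytes([IAC, WILL, TERMINAL_TYPE, IAC, DO, 3])
# A DNS-over-TCP client ignores the probe and sends a length-prefixed query
# (A record for example.com, ID 0x1234, RD set).
DNS_TCP_QUERY = (b"\x00\x1d"
                 b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
                 b"\x07example\x03com\x00"
                 b"\x00\x01\x00\x01")

if __name__ == "__main__":
    for name, reply in [("telnet", TELNET_REPLY), ("dns", DNS_TCP_QUERY)]:
        print(name, looks_like_telnet(reply))
```

This is a heuristic: a raw TCP client that never answers the probe is indistinguishable from any other non-Telnet peer, and a binary payload could contain the same three bytes by coincidence.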