How 2 stop unapproved updates?

Cricket Liu cricket at acmebw.com
Mon Apr 17 21:32:08 UTC 2000


> In article <006101bfa891$e00b1450$7cc2a8ce at WALTERB>,
>   "Cricket Liu" <cricket at acmebw.com> wrote:
> > > How do I keep the following from happening?  Is there a port I can block?
> > > What effect does the following have on my DNS?
> >
> > See http://www.acmebw.com/askmrdns/bind-messages.htm#idx_u.
> 
> I didn't find the answer there as to which port is used... I've looked
> for this information as well. In fact, RFC 2136 (someone correct me if
> that's not the latest/best RFC for DDNS stuff) doesn't mention a port
> number anywhere that I can find, so my guess is that it's all happening
> over 53 (or whatever is specified in named.conf).

Yup.

> My understanding is that by default queries happen over udp/53 and
> xfers over tcp/53. So lacking any other easy answers I ran tcpdump and
> tried an update (from .1 to .69 as shown below, this is _only_ UDP)
> 
> 192.168.1.1.1079 > 192.168.1.69.53: 28553 op5 [1n] SOA? bogustestdomain.com. (52)
> EPq|575<Po(bogustestdomaincomrecord?
> 
> 192.168.1.69.53 > 192.168.1.1.1079: 28553 op5 Refused 0/1/0 (52)
> EP'z57<obogustestdomaincomrecord?
> 
> So I think that the short answer to the question "Can I block DDNS
> updates at the port level" is no, not if you want your server to still
> answer regular queries on udp 53.

Yup.

cricket

Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com

Attend the next Internet Software Consortium/Acme Byte & Wire
DNS and BIND class!  See www.acmebw.com/training.htm for
the schedule and to register for upcoming classes.
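
The trace quoted above shows opcode 5 (UPDATE, RFC 2136) travelling over the same udp/53 as ordinary queries, so separating the two means reading the DNS header rather than the port. An added example, not part of the original post: a Python sketch that classifies messages by opcode. The sample packets are constructed to resemble the trace; the record name, address and query ID 4660 are made up.

```python
import struct

# Opcodes from RFC 1035 (QUERY), RFC 1996 (NOTIFY) and RFC 2136 (UPDATE).
OPCODES = {0: "QUERY", 4: "NOTIFY", 5: "UPDATE"}
RCODES = {0: "NOERROR", 5: "REFUSED"}

def read_name(msg, off):
    """Decode the uncompressed name at msg[off:] (a message's first name is never compressed)."""
    labels = []
    try:
        while msg[off]:
            n = msg[off]
            if n & 0xC0:
                raise ValueError("unexpected compression pointer")
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n
    except IndexError:
        raise ValueError("truncated name") from None
    return ".".join(labels) + "."

def classify(msg):
    """Summarise a DNS message from its 12-byte header and first section."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    ident, flags, qd, _an, ns, _ar = struct.unpack("!6H", msg[:12])
    opcode = (flags >> 11) & 0xF
    return {
        "id": ident,
        "response": bool(flags & 0x8000),
        "opcode": OPCODES.get(opcode, str(opcode)),
        "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)),
        # In an UPDATE the first section names the zone, the third holds the changes.
        "zone_or_qname": read_name(msg, 12) if qd else None,
        "update_rrs": ns if opcode == 5 else 0,
    }

def encode_name(name):
    """Encode a dotted name as length-prefixed labels."""
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split(".")) + b"\x00"

# Constructed sample packets (not captured traffic).
_zone = encode_name("bogustestdomain.com.") + struct.pack("!2H", 6, 1)  # type SOA, class IN
_add = b"\x06record\xc0\x0c" + struct.pack("!2HIH", 1, 1, 300, 4) + bytes([192, 168, 1, 50])
UPDATE_REQ = struct.pack("!6H", 28553, 5 << 11, 1, 0, 1, 0) + _zone + _add
REFUSED_RESP = struct.pack("!6H", 28553, 0x8000 | 5 << 11 | 5, 1, 0, 1, 0) + _zone + _add
QUERY = struct.pack("!6H", 4660, 0x0100, 1, 0, 0, 0) + encode_name("www.bogustestdomain.com.") + struct.pack("!2H", 1, 1)

if __name__ == "__main__":
    for pkt in (UPDATE_REQ, REFUSED_RESP, QUERY):
        print(classify(pkt))
```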




More information about the bind-users mailing list