dns clients using non-ephemeral ports

Derek J. Balling dredd at megacity.org
Wed Jan 10 21:09:15 UTC 2001


Remember that, as far as I know, Windows boxes make no distinction between
(>1024) and (<= 1024).

D

At 1:01 PM -0800 1/10/01, ed at alcpress.com wrote:
>My firewall is configured to allow DNS requests from the outside
>world that use ephemeral source ports (1024-65535) and port 53.
>When I check my logs, I see packets that were rejected
>because they used source ports below 1024. Here
>are some examples:
>
>195.153.131.2:665
>203.229.169.225:744
>212.62.4.189:904
>
>Are there resolvers or servers out there that normally do this or have
>I turned away a potential attack?
>
>Ed

-- 
+---------------------+-----------------------------------------+
| dredd at megacity.org  | "Conan! What is best in life?"          |
|  Derek J. Balling   | "To crush your enemies, see them        |
|                     |    driven before you, and to hear the   |
|                     |    lamentation of their women!"         |
+---------------------+-----------------------------------------+


