Suspecious DNS traffic
babu dheen
babudheen at yahoo.co.in
Mon Mar 25 16:21:30 UTC 2013
Hi Matus,
Still not convinced because if i need to allow >1024 port from our DNS server to external world(internet).. where is the security?
I beleive we just need to allow TCP and UDP 53 from our DNS server to internet(any) which is already done. Not sure why we have to open non standard port from our DNS server to internet?
Kindly provide some details.
Regards
Babu
________________________________
From: Matus UHLAR - fantomas <uhlar at fantomas.sk>
To: bind-users at lists.isc.org
Sent: Monday, 25 March 2013 3:30 PM
Subject: Re: Suspecious DNS traffic
On 25.03.13 16:59, babu dheen wrote:
> I am able to query one of the PTR record available in my company BIND
> caching DNS server from internet(ANY IP address) successfully. As per
> your statement, If I am denying the response, how could I get response
> successfully?
you must allow the packets from TCP+UDP port 53 coming to any >=1024 port on
your nameserver.
-- Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes. _______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130326/02cb289f/attachment.html>
More information about the bind-users
mailing list