Suspecious DNS traffic

Carlos M. Martinez carlosm3011 at gmail.com
Mon Mar 25 16:25:58 UTC 2013 

Are you talking about SOURCE or destination ports ?

regards

~CArlos

On 3/25/13 1:21 PM, babu dheen wrote:
> Hi Matus,
> 
> Still not convinced because if i need to allow >1024 port from  our DNS
> server to external world(internet).. where is the security?
> 
> I beleive we just need to allow TCP and UDP 53 from our DNS server to
> internet(any) which is already done. Not sure why we have to open non
> standard port from our DNS server to internet?
> 
> Kindly provide some details.
> 
> Regards
> Babu
> 
> 
> ------------------------------------------------------------------------
> *From:* Matus UHLAR - fantomas <uhlar at fantomas.sk>
> *To:* bind-users at lists.isc.org
> *Sent:* Monday, 25 March 2013 3:30 PM
> *Subject:* Re: Suspecious DNS traffic
> 
> On 25.03.13 16:59, babu dheen wrote:
>>  I am able to query one of the PTR record available in my company BIND
>> caching DNS server from internet(ANY IP address) successfully.  As per
>> your statement, If I am denying the response, how could I get response
>> successfully?
> 
> you must allow the packets from TCP+UDP port 53 coming to any >=1024 port on
> your nameserver.
> 
> -- Matus UHLAR - fantomas, uhlar at fantomas.sk <mailto:uhlar at fantomas.sk>
> ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> The only substitute for good manners is fast reflexes.
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users
> 
> 
> 
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>

More information about the bind-users mailing list