Security Basics mailing list archives
Re: UDP 1027
From: Vijay Vikram <karpagamekapali () gmail com>
Date: Wed, 8 Jun 2005 22:00:11 +0530
Hi, also verify this link for information on port 1027 http://www.seifried.org/security/ports/1000/1027.html KKDU On 6/6/05, David Gillett <gillettdavid () fhda edu> wrote:
When your machine issues a DNS request, it directs it at port 53 of the server. What originating port does the client use? (The server will send its response to the client's originating port, so there needs to be a listener there for it....) There are two common approaches; some platforms take one and some the other: (a) Use port 53 for the source. This is especially common on servers, who may be listening on 53 anyway for DNS requests from others. named can figure out whether a given packet is a request or a reply. (b) Allocate a random port starting above 1024. My experience is that this is more common on machines which are not, themselves, DNS servers. It appears that your machine is an example of (b). Perfectly normal. David Gillett-----Original Message----- From: Rod [mailto:securitybasics () gmail com] Sent: Thursday, June 02, 2005 7:37 AM To: security-basics () securityfocus com Subject: UDP 1027 Hello, Running 'lsof -i' on my Linux server, I see that port 1027 UDP is listed. It says that named is the process that it is bound to. I know DNS is UDP 53 and TCP 53. Can someone please tell me what 1027 is used for? Thanks, Rod
Current thread:
- UDP 1027 Rod (Jun 06)
- RE: UDP 1027 David Gillett (Jun 06)
- Re: UDP 1027 Vijay Vikram (Jun 08)
- <Possible follow-ups>
- RE: UDP 1027 Dennis Oliver (Jun 06)
- RE: UDP 1027 David Gillett (Jun 06)