Firewall Wizards mailing list archives
Re: Interesting DNS Traffic
From: Vern Paxson <vern () ee lbl gov>
Date: Wed, 02 Jun 1999 01:00:42 PDT
Unless I am being ignorant, doesnt this NOT comply with the RFC that have to deal with return port numbers on all ip packets?
That's a BSD convention, not an RFC requirement. There are other systems that don't follow the convention ... Let's see ... from a look at yesterday's traffic logs, about 0.67% of the connections (one in 150) had both source and destination port < 1024 (and about 0.1% of those had both source and destination port < 512 ... though all of those were attacks! (scans)) Vern
Current thread:
- Re: Interesting DNS Traffic The Unicorn (Jun 01)
- <Possible follow-ups>
- Re: Interesting DNS Traffic Robert Graham (Jun 01)
- Re: Interesting DNS Traffic Joseph S D Yao (Jun 02)
- Re: Interesting DNS Traffic Andrew Fessler (Jun 01)
- Re: Interesting DNS Traffic Ryan Russell (Jun 02)
- Re: Interesting DNS Traffic David Gillett (Jun 03)
- Re: Interesting DNS Traffic Vern Paxson (Jun 02)
- Re: Interesting DNS Traffic -Reply Einar EINARSSON (Jun 02)
- Re: Interesting DNS Traffic -Reply Ge' Weijers (Jun 03)
- Re: Interesting DNS Traffic -Reply -Reply Einar EINARSSON (Jun 03)
- Re: Interesting DNS Traffic -Reply -Reply Ge' Weijers (Jun 04)
- Re: Interesting DNS Traffic -Reply John McDermott (Jun 03)
- Re: Interesting DNS Traffic -Reply Chris Calabrese (Jun 03)