Firewall Wizards mailing list archives

Interesting DNS Traffic


From: "Andrew Fessler" <andrew () allegro net>
Date: Fri, 28 May 1999 21:49:29 -0500

I have seen some unusual things on my Cisco.

I have some access-lists set up.

I permit SMTP, WWW, POP, IMAP, ECHO, ICMP and a few other ports as
well as 1024-65535 for inbound.

That theoretically should cover any inbound traffic.

However, I see DNS requests and WWW requests come in where the source
port on the packet originates in the 800 range rather than the
standard 1024-65535 range. Therefore the reply back is denied.

Example:

xxx.xxx.xxx.xxx (879) -->   204.253.83.10 (53)

meaning a packet came in from the internet going to my DNS, however
the source port of the packet was 879. 

I can't find any reason why they are having abnormal source ports.
Should I worry about this? Should I open the 800 range ports? Seems
like opening my network more than I want to.

TIA

Andrew Fessler
Allegro
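The situation the post describes, reproduced as an added example (not the poster's configuration or code): a purely port-based rule set cannot tell a reply to a request it already admitted from an unsolicited packet to the same low port, so a client that sends its DNS query from source port 879 gets its answer dropped. The script parses trace lines in the `src (sport) --> dst (dport)` format used in the post, applies a constructed approximation of the described access list (service ports plus 1024-65535; port 53 is assumed to be among the "few other ports"), and contrasts it with a reflexive filter that remembers permitted 4-tuples and admits their reverse. The addresses and the trace are constructed; only the 879/53 exchange and the 204.253.83.10 address come from the post.

```python
"""Stateless port-range rule vs. reflexive (stateful) filtering for a
DNS client that uses a low-numbered source port.

Added example, not from the original post. SERVICE_PORTS and the sample
trace are constructed; the filter logic is a simplified model, not a
reproduction of any vendor's access-list implementation.
"""
import re
from dataclasses import dataclass
from typing import List, Set, Tuple

# Constructed approximation of the post's inbound access list.
SERVICE_PORTS: Set[int] = {7, 25, 53, 80, 110, 143}   # ECHO, SMTP, DNS, WWW, POP, IMAP
HIGH_PORTS = range(1024, 65536)                        # the "client" range the post permits

# Trace line format taken from the post: "src (sport) --> dst (dport)"
LINE_RE = re.compile(
    r"^\s*(?P<src>[\w.]+)\s*\((?P<sport>\d+)\)\s*-->\s*"
    r"(?P<dst>[\w.]+)\s*\((?P<dport>\d+)\)\s*$"
)


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

    def reverse(self) -> "Packet":
        """The 4-tuple a reply to this packet would carry."""
        return Packet(self.dst, self.dport, self.src, self.sport)


def parse_line(line: str) -> Packet:
    """Parse one 'src (sport) --> dst (dport)' line into a Packet."""
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unrecognised trace line: {line!r}")
    return Packet(m["src"], int(m["sport"]), m["dst"], int(m["dport"]))


def stateless_permit(pkt: Packet) -> bool:
    """The post's rule: judge each packet on its destination port alone."""
    return pkt.dport in SERVICE_PORTS or pkt.dport in HIGH_PORTS


class ReflexiveFilter:
    """Permit a packet if the port rule allows it, or if it is the reverse
    of a 4-tuple the port rule already allowed. This is the idea behind
    reflexive ACLs / stateful inspection; a real device also ages entries
    out, which this toy model omits."""

    def __init__(self) -> None:
        self.seen: Set[Tuple[str, int, str, int]] = set()

    def permit(self, pkt: Packet) -> bool:
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if stateless_permit(pkt):
            self.seen.add(key)       # remember the admitted request
            return True
        rev = pkt.reverse()
        return (rev.src, rev.sport, rev.dst, rev.dport) in self.seen


def evaluate(trace: List[str]) -> List[Tuple[str, bool, bool]]:
    """Return (line, port_rule_verdict, reflexive_verdict) for each line,
    processing the trace in order so replies follow their requests."""
    flt = ReflexiveFilter()
    results = []
    for line in trace:
        pkt = parse_line(line)
        results.append((line.strip(), stateless_permit(pkt), flt.permit(pkt)))
    return results


# Constructed trace: the post's 879 -> 53 query and its reply, a normal
# high-port query and its reply, and an unsolicited packet aimed at port 879.
SAMPLE_TRACE = [
    "198.51.100.7 (879)   --> 204.253.83.10 (53)",
    "204.253.83.10 (53)   --> 198.51.100.7 (879)",
    "198.51.100.7 (40123) --> 204.253.83.10 (53)",
    "204.253.83.10 (53)   --> 198.51.100.7 (40123)",
    "198.51.100.9 (53)    --> 204.253.83.10 (879)",
]

if __name__ == "__main__":
    for line, by_port, by_state in evaluate(SAMPLE_TRACE):
        verdict = lambda ok: "permit" if ok else "deny"
        print(f"{line:48} port-rule={verdict(by_port):6} reflexive={verdict(by_state)}")
```

Run as-is, the second line (the answer to the 879-sourced query) is denied by the port rule but admitted by the reflexive filter, while the last line (nobody asked for it) is denied by both, which is the distinction that opening the whole 800 range would lose. On Cisco IOS the `established` keyword gives this effect for TCP only, since it keys on the ACK/RST flags; for UDP traffic such as DNS, reflexive access lists (or a stateful firewall) are what track the request so its reply can be matched.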


