Full Disclosure mailing list archives

Re: DNS query???

From: buzz <reitenba () fh-brandenburg de>
Date: Tue, 27 Jul 2004 15:38:14 +0200

hi,
On Tuesday 27 July 2004 14:01, Verma, Sachin wrote:

Hi,

I have a secondary dns server,which is internal to LAN and on windows 2000
that is generating a lot of queiries for all the 13 root dns servers.The
traffic is blocked by the firewall.But the strange thing that I have
noticed is that the source and destination port being the same i.e 53.Also

whats the problem with that? in bind, up to version 4, source and destination 
port of dns packets was always 53, it changed with version 8. i don't know 
how win2k dns servers behave, but it may be the same way.

the forwarder is correctly set on the DNS server and hence theoritically
the querries need to be forwarded to the next DNS server.

Any body got an idea as to what is this.


buzz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

DNS query??? Verma, Sachin (Jul 27)
- Re: DNS query??? buzz (Jul 27)
- Message not available
  - Re: DNS query??? Mortis (Jul 27)
- <Possible follow-ups>
- RE: DNS query??? Verma, Sachin (Jul 28)
  - Message not available
    - RE: DNS query??? Mortis (Jul 28)