Security Incidents mailing list archives
Re: Pubstro rash
From: Jeff Kell <jeff-kell () utc edu>
Date: Fri, 18 Mar 2005 10:59:42 -0500
Joshua Berry wrote:
I have never had a DNS query that had a response that was over 512 bytes. For that reason I disable all inbound DNS over 53/tcp. I have been using this configuration for years and even run my own DNS servers and have seen absolutely no problems.
If you aren't authoritative over a zone that requires large response records, you'll never receive one. But you may very well send some queries out yourself (you allow 53/tcp outbound statefully?)
But in more general terms:

http://www.maradns.org/dnstcp_security.html
http://support.microsoft.com/default.aspx?scid=kb;en-us;828263
http://support.microsoft.com/kb/832223
http://www.certcities.com/editorial/columns/print.asp?EditorialsID=144
https://lists.netfilter.org/pipermail/netfilter/2002-January/029765.html
http://www.faqs.org/rfcs/rfc3226.html

(Among others).

Jeff
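An added example, not part of either post: how a resolver decides to fall back to 53/tcp, which is the case the outbound question above is about. It reads the TC (truncated) flag from the 12-byte DNS header defined in RFC 1035 and shows the 2-byte length prefix used on TCP; the function names, the `tcp_out_allowed` policy switch and the sample messages are constructed for illustration.

```python
import struct

QR_BIT = 0x8000  # header flag: message is a response
TC_BIT = 0x0200  # header flag: response was truncated to fit UDP

def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte DNS header (RFC 1035, section 4.1.1)."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    ident, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    return {"id": ident, "response": bool(flags & QR_BIT),
            "truncated": bool(flags & TC_BIT),
            "qdcount": qd, "ancount": an}

def needs_tcp_retry(udp_reply: bytes) -> bool:
    """True when the server signalled that the full answer did not fit in UDP."""
    h = parse_header(udp_reply)
    return h["response"] and h["truncated"]

def tcp_frame(msg: bytes) -> bytes:
    """DNS over TCP sends each message behind a 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg

def build_query(ident: int, name: str, qtype: int = 16) -> bytes:
    """Build a one-question query (qtype 16 = TXT, class IN, RD set)."""
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    header = struct.pack("!6H", ident, 0x0100, 1, 0, 0, 0)
    return header + labels + b"\x00" + struct.pack("!2H", qtype, 1)

def classify(udp_reply: bytes, tcp_out_allowed: bool) -> str:
    """What happens to the lookup under a given outbound 53/tcp policy."""
    if not needs_tcp_retry(udp_reply):
        return "answered-over-udp"
    return "retry-over-tcp" if tcp_out_allowed else "lookup-fails"

# Constructed sample: a query and a truncated reply (QR|TC|RD|RA, no answers).
QUERY = build_query(0x1234, "big.example.test")
TRUNCATED_REPLY = struct.pack("!6H", 0x1234, 0x8380, 1, 0, 0, 0) + QUERY[12:]

if __name__ == "__main__":
    for allowed in (True, False):
        print("tcp out allowed:", allowed, "->", classify(TRUNCATED_REPLY, allowed))
    print("tcp framed query:", tcp_frame(QUERY).hex())
```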