Security Basics mailing list archives
RE: TCP DNS requests
From: <Leonard.Ong () nokia com>
Date: Fri, 1 Nov 2002 09:50:46 +0800
Yes, I am confirming this. Zone transfer uses TCP/53, while queries use UDP/53. Regards, Leonard Ong Network Security Specialist, APAC NOKIA Email. Leonard.Ong () nokia com Mobile. +65 9431 6184 Phone. +65 6723 1724 Fax. +65 6723 1596 -----Original Message----- From: ext Daniel Miessler [mailto:danielrm26 () hotmail com] Sent: Friday, November 01, 2002 1:20 AM To: 'Carl R Diliberto'; 'security-basics' Subject: RE: TCP DNS requests Zone Transfers use TCP instead of UDP on port 53. That is most likely what you are seeing. --Daniel
We are reporting TCP based DNS requests to one of our DNS servers
coming
from internal, client IP addresses. My manager would like to block
the TCP
packets. What or why would their be random TCP packets? We monitored several clients and it appears it only needs UDP.
Current thread:
- RE: TCP DNS requests Paris E. Stone (Oct 31)
- <Possible follow-ups>
- RE: TCP DNS requests Willis, Mark (Nov 01)
- RE: TCP DNS requests Douglas K. Fischer (Nov 01)
- RE: TCP DNS requests Leonard.Ong (Nov 01)
- RE: TCP DNS requests Wolf, Glenn (Nov 01)
- RE: TCP DNS requests Royans Tharakan (Nov 01)