Security Basics mailing list archives
Securing DNS Server
From: "Naman Latif" <naman.latif () inamed com>
Date: Fri, 1 Nov 2002 16:31:14 -0800
Hi, I am trying to restrict access to our DNS server from outside using a Cisco IOS Firewall. Initially we only had port 53 access to this server from outside. But it turned out that when our DNS server has to query a root name server, it sends out a UDP query with a random higher (>1023) source port number, which means that I will have to open >1023 ports access to this server from outside. In this situation, how do I protect my DNS server from outside attacks on higher port numbers? Is there a range of source port numbers that a BIND DNS server would use when querying outside servers?
Current thread:
- Securing DNS Server Naman Latif (Nov 04)
- RE: Securing DNS Server Michael Vaughan (Nov 05)
- RE: Securing DNS Server Daniel Miessler (Nov 05)
- Re: Securing DNS Server Bennett Todd (Nov 08)
- <Possible follow-ups>
- RE: Securing DNS Server Naman Latif (Nov 05)
- RE: Securing DNS Server Steven Schullo (Nov 06)
- RE: Securing DNS Server Mustafa Baig (Nov 06)
- RE: Securing DNS Server Naman Latif (Nov 06)
- Re: Securing DNS Server Bennett Todd (Nov 06)