RE: TCP DNS requests

["Daniel Miessler" <danielrm26 () hotmail com>]

Zone Transfers use TCP instead of UDP on port 53.  That is most likely
what you are seeing.

--Daniel

> We are reporting TCP based DNS requests to one of our DNS servers
coming
> from internal, client IP addresses.  My manager would like to block
the TCP
> packets.  What or why would their be random TCP packets?  We monitored
> several clients and it appears it only needs UDP.