Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cisco Workaround

From: Stephane Nasdrovisky <stephane.nasdrovisky () uniway be>
Date: Thu, 24 Jul 2003 19:31:52 +0200

My phone is plugged in the port 53 of our pabx, will I have to plug my phone in another port if I implement this access 
list ?


             DNS is using port 53, I think you should consider 
unblockthis port if you want your DNS to communicate with your ISP 
DNS.

will this access list modification prevent my internal DNS server from
updates to it self from my telco's DNS server?

access-list 101 deny 53 any any
access-list 101 deny 55 any any
access-list 101 deny 77 any any
access-list 101 deny 103 any any
!--- insert any other previously applied ACL entries here
!--- you must permit other protocols through to allow normal
!--- traffic -- previously defined permit lists will work
!--- or you may use the permit ip any any shown here
access-list 101 permit ip any any





---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: