Security Basics mailing list archives
Re: domain ACL?
From: Peter Bruderer <brudy () bruderer-research com>
Date: Tue, 29 Jul 2003 18:01:27 +0200
According to RFC 1035(?) the source port of a DNS query is 53 or >1023. Newer DNS servers have by default a source port >1023 but connections from port 53 are absolutely legal.

On Tuesday 29 July 2003 03:38, Glenn English wrote:
> My understanding is that UDP connects to port 53 should be allowed only from ports > 1023. When I set that, I get *many* deny's coming from port 53 UDP to port 53. Is there a legit reason for that connection? My new firewall is scribbling all over my log :-)
--
Peter Bruderer            mailto:brudy () bruderer-research com
Bruderer Research GmbH    Tel ++41 52 620 26 53
IT Security Services      Fax ++41 52 620 26 54
CH-8200 Schaffhausen      http://www.bruderer-research.com
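An added example, not part of the original thread: a Python sketch that compares the ACL described in the question (UDP to port 53 only from source ports > 1023) with one that also accepts source port 53, as the reply describes, to show which logged packets account for the deny noise. The log format, addresses, and function names are constructed for illustration.

```python
import re

# Constructed sample of packets seen at the firewall (hypothetical log format).
SAMPLE_LOG = """\
Jul 29 03:12:01 fw PKT proto=UDP src=192.0.2.10 spt=53 dst=198.51.100.5 dpt=53
Jul 29 03:12:04 fw PKT proto=UDP src=192.0.2.44 spt=1047 dst=198.51.100.5 dpt=53
Jul 29 03:12:09 fw PKT proto=UDP src=203.0.113.7 spt=53 dst=198.51.100.5 dpt=53
Jul 29 03:12:15 fw PKT proto=UDP src=203.0.113.9 spt=512 dst=198.51.100.5 dpt=53
Jul 29 03:12:20 fw PKT proto=TCP src=203.0.113.9 spt=40000 dst=198.51.100.5 dpt=25
"""

LINE_RE = re.compile(
    r"proto=(?P<proto>\w+) src=(?P<src>\S+) spt=(?P<spt>\d+) "
    r"dst=(?P<dst>\S+) dpt=(?P<dpt>\d+)"
)

def parse(log):
    """Yield one dict per log line that matches the constructed format."""
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            pkt = m.groupdict()
            pkt["spt"], pkt["dpt"] = int(pkt["spt"]), int(pkt["dpt"])
            yield pkt

def strict_acl(pkt):
    """ACL from the question: UDP to port 53 only from source ports > 1023."""
    return pkt["proto"] == "UDP" and pkt["dpt"] == 53 and pkt["spt"] > 1023

def relaxed_acl(pkt):
    """ACL following the reply: source port 53 is accepted as well."""
    return (pkt["proto"] == "UDP" and pkt["dpt"] == 53
            and (pkt["spt"] == 53 or pkt["spt"] > 1023))

def compare(log):
    """Split strict-ACL denies on UDP/53 into (newly_allowed, still_denied)."""
    newly_allowed, still_denied = [], []
    for pkt in parse(log):
        if pkt["proto"] != "UDP" or pkt["dpt"] != 53 or strict_acl(pkt):
            continue  # not DNS-over-UDP traffic, or already permitted
        bucket = newly_allowed if relaxed_acl(pkt) else still_denied
        bucket.append((pkt["src"], pkt["spt"]))
    return newly_allowed, still_denied

if __name__ == "__main__":
    allowed, denied = compare(SAMPLE_LOG)
    print("denied by strict ACL, allowed once source port 53 is accepted:", allowed)
    print("denied by both ACLs:", denied)
```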