Penetration Testing mailing list archives

RE: DNS ACL ?

From: "Jason Muskat" <Jason () TechDude Ca>
Date: Sun, 13 Nov 2005 14:11:22 -0500

As long as less then a handful for RR are returned UDP is fine.  ... Don't
forget to allow the DNS servers outbound reply.

Regards,
 
Jason Muskat, GCUX, de VE3TSJ
Jason () TechDude Ca
+1-416-414-9934 SMS
PGP Key: 7B447CD9                Fingerprint: 29A2 63C5 F623 EE9D 2453  B840
2818 5CA7 7B44 7CD9
Linux Guru Since 2002               Without security there can be no
privacy.


-----Original Message-----
From: John Hally [mailto:JHally () epnet com] 
Sent: Friday, November 11, 2005 8:35 AM
To: 'pen-test () securityfocus com'
Subject: DNS ACL ?

Hello All,

 

I need a sanity check regarding DNS ACLs.  For external facing DNS servers
you need to allow only udp/53 inbound, correct?  I know tcp/53 is used for
zone transfers and requests/replies greater than a certain size, but they
shouldn't typically happen for general dns queries correct?  

 

Thanks in advance!



----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

DNS ACL ? John Hally (Nov 11)
- Re: DNS ACL ? Stephen J. Smoogen (Nov 13)
- RE: DNS ACL ? Jason Muskat (Nov 13)
- RE: DNS ACL ? Giancarlo Paolillo (Nov 13)
- Re: DNS ACL ? Thor (Hammer of God) (Nov 13)
- Re: DNS ACL ? Richard C Lewis (Nov 13)
- Re: DNS ACL ? Chris Brenton (Nov 13)
- Re: DNS ACL ? Lynx (Nov 13)
  - Re: DNS ACL ? Justin Ferguson (Nov 14)
- <Possible follow-ups>
- Re: DNS ACL ? John Nemeth (Nov 13)
- RE: DNS ACL ? Maher Odeh (Nov 13)
- FW: DNS ACL ? Dario Ciccarone (dciccaro) (Nov 21)
- RE: DNS ACL ? Kyle Quest (Nov 22)

(Thread continues...)