Great Circle Associates Firewalls
(March 1993) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: DNS Client Ports
From: Dave Mischler <mischler @ cubic . com>
Date: Sat, 13 Mar 93 20:34:27 EST
To: FireWalls @ GreatCircle . COM 
I have recently added selective packet logging to my packet filter
code for KA9Q (it will be ready for release soon), and I have noticed
some DNS requests from non-privileged ports from various machines on
the net.  I am currently only allowing UDP DNS from any address with a
source port of 53 to reach my externally accessible name server.
Should I allow "random" client ports through?  What are the security
implications?

Dave Mischler
mischler @
 cubic .
 com
Indexed By Date Previous: Help! I need and example set of CISCO ACL's
From: gpsemi @ netcom . com (GEC Plessey)
Next: Re: DNS Client Ports
From: Marcus J Ranum <mjr @ TIS . COM>
Indexed By Thread Previous: Help! I need and example set of CISCO ACL's
From: gpsemi @ netcom . com (GEC Plessey)
Next: Re: DNS Client Ports
From: Marcus J Ranum <mjr @ TIS . COM>
Google
 
Search Internet Search www.greatcircle.com