On Sat, 5 May 2001 12:36:05 -0400 Jason Lewis <jlewisat_private> wrote: > DNS queries are on UDP port 53. TCP port 53 is used for zone > transfers. TCP port 53 is also used for DSN queries which exceed a single UDP packet in size (eg a host with a large round robin ring). > Since I have blocked TCP port 53, I have seen a decrease in attack > attempts on my name servers, primarily because that port isn't > open. I do still see scans for the DNS ports, but nothing more > than a port scan. Not terribly surprising: Most scanners are pretty poor at registering UDP ports. -- J C Lawrence clawat_private ---------(*) http://www.kanga.nu/~claw/ --=| A man is as sane as he is dangerous to his environment |=--
This archive was generated by hypermail 2b30 : Sat May 05 2001 - 19:27:15 PDT