FWIW, IIS5.0/Exchange 2000 SMTP uses TCP 53 for DNS queries.

AD

> Jason Lewis wrote:
> >
> > DNS queries are on UDP port 53. TCP port 53 is used for zone transfers. By
> > blocking TCP port 53 I can't do zone transfers, but clients can still do
> > lookups on UDP 53. Since I have blocked TCP port 53, I have seen a decrease
> > in attack attempts on my name servers, primarily because that port isn't
> > open. I do still see scans for the DNS ports, but nothing more than a port
> > scan.
> >
> > My question is...Can anyone come up with any pros/cons of doing this?
> >
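The thread mentions two kinds of traffic on TCP 53: zone transfers and ordinary lookups from clients such as the Exchange 2000 SMTP service. The following is an added example, not part of either post: it reads the query type from length-prefixed DNS queries in a TCP payload and labels each one, which is the check to run on captured traffic before deciding what a TCP 53 block would cut off. The function names and the sample queries for example.com are constructed for illustration.

```python
import struct

# Zone-transfer query types: IXFR (RFC 1995) and AXFR (RFC 1035).
QTYPE_IXFR, QTYPE_AXFR = 251, 252

def build_query(name, qtype, msg_id=0x1234):
    """Build one DNS query framed for TCP (2-byte length prefix, RFC 1035 4.2.2)."""
    header = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    msg = header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN
    return struct.pack("!H", len(msg)) + msg

def read_question(msg):
    """Return (qname, qtype) from a DNS message, or None if it is malformed."""
    if len(msg) < 12 or struct.unpack_from("!H", msg, 4)[0] < 1:
        return None                      # no header or no question section
    labels, i = [], 12
    while i < len(msg) and msg[i] != 0:
        n = msg[i]
        if n > 63 or i + 1 + n > len(msg):
            return None                  # bad label length or runs past the end
        labels.append(msg[i + 1:i + 1 + n].decode("ascii", "replace"))
        i += 1 + n
    if i + 5 > len(msg):
        return None                      # QTYPE/QCLASS missing
    return ".".join(labels), struct.unpack_from("!H", msg, i + 1)[0]

def classify_tcp_payload(data):
    """Label every complete DNS query in a TCP payload as zone-transfer or lookup."""
    results, pos = [], 0
    while pos + 2 <= len(data):
        (length,) = struct.unpack_from("!H", data, pos)
        msg = data[pos + 2:pos + 2 + length]
        pos += 2 + length
        if len(msg) < length:
            break                        # capture ends mid-message
        question = read_question(msg)
        if question is not None:
            name, qtype = question
            kind = "zone-transfer" if qtype in (QTYPE_IXFR, QTYPE_AXFR) else "lookup"
            results.append((name, kind))
    return results

if __name__ == "__main__":
    # Constructed sample: an A lookup followed by an AXFR request on one stream.
    sample = build_query("mail.example.com", 1) + build_query("example.com", QTYPE_AXFR)
    for name, kind in classify_tcp_payload(sample):
        print(f"{kind:14} {name}")
```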
This archive was generated by hypermail 2b30 : Mon May 14 2001 - 18:14:26 PDT