> > Unfortunately, 1434 is a perfectly valid > "ephemeral" port. > > Would you like, for instance, random DNS failures? > > I think it depends. Outgonig 1434 traffic is fine > for a DNS server (and > some other UDP based services like streaming). > However, it should be blocked on a SQL server. UDP 1434 as an "ephemeral" port isn't an issue. The traffic can be easily blocked by defining subnets. > If both of them on the same > machine you are out of luck, though... You've got a point there. When I was at Winstar, consultants had setup DNS on a firewall system...which was running an end-user version of Solaris. __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Tue Jan 28 2003 - 09:39:06 PST