Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: RE: TCP DNS requests

RE: TCP DNS requests

From: <Leonard.Ong_at_nokia.com>
Date: Fri, 1 Nov 2002 09:50:46 +0800

Yes, I am confirming this. Zone transfer uses TCP/53, while queries use UDP/53.

Regards,
Leonard Ong
Network Security Specialist, APAC
NOKIA

Email. Leonard.Ong_at_nokia.com
Mobile. +65 9431 6184
Phone. +65 6723 1724
Fax. +65 6723 1596

-----Original Message-----
From: ext Daniel Miessler [mailto:danielrm26_at_hotmail.com]
Sent: Friday, November 01, 2002 1:20 AM
To: 'Carl R Diliberto'; 'security-basics'
Subject: RE: TCP DNS requests

Zone Transfers use TCP instead of UDP on port 53. That is most likely
what you are seeing.

--Daniel

> We are reporting TCP based DNS requests to one of our DNS servers
coming
> from internal, client IP addresses. My manager would like to block
the TCP
> packets. What or why would their be random TCP packets? We monitored
> several clients and it appears it only needs UDP.
Received on Nov 01 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos