Security Basics mailing list archives

Securing DNS Server
From: "Naman Latif" <naman.latif () inamed com>
Date: Fri, 1 Nov 2002 16:31:14 -0800

I am trying to restrict access to our DNS server from outside using a
Cisco IOS Firewall. Initially we only had port 53 access to this server
from outside.
But it turned out that when our DNS Server has to query a root name
server, it sends out a UDP query with a random higher (>1023) source
port number, which means that I will have to open >1023 Ports access to
this server from outside.
In this situation, how do I protect my DNS server from outside attacks
on higher port numbers?
Is there a range of source port numbers that a BIND DNS server would
use when querying outside servers?
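
The filtering problem described above, as an added example that is not part of the original post: a small Python model comparing a static rule that opens every port above 1023 with a filter that only admits replies mirroring a query the server actually sent. The addresses, port numbers and function names are constructed for illustration, and the model is not Cisco IOS configuration.

```python
"""Model of the post's problem: stateless vs. stateful handling of DNS replies."""
from collections import namedtuple

# Constructed sample addresses (documentation ranges), not taken from the post.
DNS_SERVER = "192.0.2.53"
ROOT_SERVER = "198.51.100.4"
STRANGER = "203.0.113.9"

Packet = namedtuple("Packet", "src sport dst dport")  # UDP only in this model


def stateless_inbound(pkt):
    """Static rule set: port 53 plus every port above 1023 open to the server."""
    return pkt.dst == DNS_SERVER and (pkt.dport == 53 or pkt.dport > 1023)


class StatefulFilter:
    """Admits inbound port 53, plus replies that mirror a query the server sent."""

    def __init__(self):
        self.pending = set()  # entries are (remote ip, remote port, local port)

    def outbound(self, pkt):
        # Remember queries the DNS server sends to port 53 elsewhere.
        if pkt.src == DNS_SERVER and pkt.dport == 53:
            self.pending.add((pkt.dst, pkt.dport, pkt.sport))
        return True

    def inbound(self, pkt):
        if pkt.dst != DNS_SERVER:
            return False
        if pkt.dport == 53:  # queries from outside clients
            return True
        # Anything else must be the mirror image of a remembered query.
        return (pkt.src, pkt.sport, pkt.dport) in self.pending


def compare():
    """Return {case: (stateless verdict, stateful verdict)} for three inbound packets."""
    fw = StatefulFilter()
    fw.outbound(Packet(DNS_SERVER, 34567, ROOT_SERVER, 53))  # server asks a root server
    cases = [
        ("reply", Packet(ROOT_SERVER, 53, DNS_SERVER, 34567)),     # matching reply
        ("probe", Packet(STRANGER, 40000, DNS_SERVER, 2049)),      # unsolicited high port
        ("wrongpeer", Packet(STRANGER, 53, DNS_SERVER, 34567)),    # right port, wrong peer
    ]
    return {name: (stateless_inbound(p), fw.inbound(p)) for name, p in cases}


if __name__ == "__main__":
    for name, (stateless, stateful) in compare().items():
        print(f"{name:10} stateless={stateless} stateful={stateful}")
```

The model never expires entries from `pending`; a real stateful filter removes them after a timeout.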
