mailing list archives
RE: UDP 1027
From: "David Gillett" <gillettdavid () fhda edu>
Date: Mon, 6 Jun 2005 08:57:02 -0700
When your machine issues a DNS request, it directs it at port 53 of
the server. What originating port does the client use? (The server
will send its response to the client's originating port, so there
needs to be a listener there for it....)
There are two common approaches; some platforms take one and some the
(a) Use port 53 for the source. This is especially common on servers,
who may be listening on 53 anyway for DNS requests from others. named
can figure out whether a given packet is a request or a reply.
(b) Allocate a random port starting above 1024. My experience is that
this is more common on machines which are not, themselves, DNS servers.
It appears that your machine is an example of (b). Perfectly normal.
From: Rod [mailto:securitybasics () gmail com]
Sent: Thursday, June 02, 2005 7:37 AM
To: security-basics () securityfocus com
Subject: UDP 1027
Running 'lsof -i' on my Linux server, I see that port 1027 UDP is
listed. It says that named is the process that it is bound to. I know
DNS is UDP 53 and TCP 53. Can someone please tell me what 1027 is used
- UDP 1027 Rod (Jun 06)
- RE: UDP 1027 David Gillett (Jun 06)