Home page logo
/

basics logo Security Basics mailing list archives

Re: UDP 1027
From: Vijay Vikram <karpagamekapali () gmail com>
Date: Wed, 8 Jun 2005 22:00:11 +0530

Hi,

also verify this link  for information on port 1027

http://www.seifried.org/security/ports/1000/1027.html


KKDU









On 6/6/05, David Gillett <gillettdavid () fhda edu> wrote:
  When your machine issues a DNS request, it directs it at port 53 of
the server.  What originating port does the client use?  (The server
will send its response to the client's originating port, so there
needs to be a listener there for it....)

  There are two common approaches; some platforms take one and some the
other:

(a) Use port 53 for the source.  This is especially common on servers,
who may be listening on 53 anyway for DNS requests from others.  named
can figure out whether a given packet is a request or a reply.

(b) Allocate a random port starting above 1024.  My experience is that
this is more common on machines which are not, themselves, DNS servers.

  It appears that your machine is an example of (b).  Perfectly normal.

David Gillett


-----Original Message-----
From: Rod [mailto:securitybasics () gmail com]
Sent: Thursday, June 02, 2005 7:37 AM
To: security-basics () securityfocus com
Subject: UDP 1027


Hello,

Running 'lsof -i' on my Linux server, I see that port 1027 UDP is
listed. It says that named is the process that it is bound to. I know
DNS is UDP 53 and TCP 53. Can someone please tell me what 1027 is used
for?

Thanks,
Rod




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]