Full Disclosure mailing list archives

Fw: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512 byte PIX limit


From: "hggdh" <hggdh () attbi com>
Date: Thu, 8 May 2003 12:09:22 -0500

FYI. Any ideas?
----- Original Message ----- 
From: "DeAvillez, Carlos" <Carlos_DeAvillez () stercomm com>
To: <hggdh () attbi com>
Sent: Thursday, May 08, 2003 12:08
Subject: FW: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512 byte
PIX limit




-----Original Message-----
From: DeAvillez, Carlos
Sent: Thursday, May 08, 2003 12:02
To: 'hddgh () attbi com'
Subject: FW: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512
byte PIX limit




-----Original Message-----
From: Loucks, Jason [mailto:loucks () COMMPROD COM]
Sent: Thursday, May 08, 2003 08:59
To: NTBUGTRAQ () LISTSERV NTBUGTRAQ COM
Subject: [NTBUGTRAQ] Win 2003 DNS requests makes replies over 512 byte
PIX limit


We recently upgraded our DNS servers to Win 2003.  After this time, it
became apparent that we are unable to send email to some domains which
had been working fine before.



After much investigation as to why it "suddenly" stopped working, we
determined that Win 2003 requests everything but the kitchen cupboard in
its DNS requests,  apparently using RFC 2671 to specify the ability to
accept >512 byte UDP replies.



We are running the latest version (6.3.1) on our Cisco PIX and it
appears that there is a hard limit of 512 bytes on ANY UDP packets
arriving on port 53.  Everything exceeding that is dropped.



Has anyone else seen this problem?




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
