|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Strange TCP/IP DNS traffic
From: Nicolas Rachinsky (list
rachinsky.de)
Date: Thu Jun 03 2004 - 11:06:40 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
* Shachar Shemesh <fulldiscsun.consumer.org.il> [2004-06-03 17:35 +0300]:
> The outbound traffic is not generated by the local bind installation,
> which was asked to bind to port 53 for outbound traffic. Also,
man named.conf:
Query Address
If the server doesn't know the answer to a question, it will query other
nameservers. query-source specifies the address and port used for such
queries. If address is * or is omitted, a wildcard IP address (
INADDR_ANY) will be used. If port is * or is omitted, a random unprivi-
leged port will be used. The default is
query-source address * port *;
Note: query-source currently applies only to UDP queries; TCP queries
always use a wildcard IP address and a random unprivileged port.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]