Mysterious DNS/53 traffic
Mr. James W. Laferriere
babydr at baby-dragons.com
Mon Nov 6 21:05:09 UTC 2000
Hello Ross , Paul dropped a note on the list a while back about
a tool to use port 53 as a tcp forwarder . Please see below my
.sig . It is just a possibility . Hth , JimL
On Mon, 6 Nov 2000, Ross wrote:
> I monitor a NID (sniffer) for my company. I see lots of large and small
> dns/53 traffic from non company sites to my company machines. What is the
> reason of a non DNS server to communicate to my machines regardless of file
> size? Shouldnt port 53 traffic be only communication between DNS server and
> clients? Should I worry about a manipulated DNS port being used in bad
> ways?
> Thanks DNS Expert!!!
> Ross
+----------------------------------------------------------------+
| James W. Laferriere | System Techniques | Give me VMS |
| Network Engineer | 25416 22nd So | Give me Linux |
| babydr at baby-dragons.com | DesMoines WA 98198 | only on AXP |
+----------------------------------------------------------------+
On Sun, 10 Sep 2000, Paul A Vixie wrote:
>
> Date: Sun, 10 Sep 2000 20:21:48 -0700
> From: Paul A Vixie <vixie at mibh.net>
> To: bind-workers at isc.org
> Subject: FYI - IP tunnelling via DNS
>
> http://slashdot.org/article.pl?sid=00/09/10/2230242&mode=nocomment
>
>
More information about the bind-users
mailing list