Dynamic UDP in BIND 9.1.0

Kevin Darcy kcd at daimlerchrysler.com
Sat Feb 17 00:41:46 UTC 2001


Karl Lovink wrote:

> When investigating the open ports in a firewall, I saw named uses the
> well-known ports 53 TCP and UDP. But it also uses a random high UDP port. Can
> somebody explain to me for what purposes BIND uses these ports?

BIND uses those ports for queries it generates and responses it receives, as
opposed to queries it receives or responses it gives. This is for security --
not only does the randomization make it slightly harder to spoof the server,
but also it allows one to run the nameserver under an unprivileged ID, thus
minimizing the impact in case of an exploit.


- Kevin
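
The behaviour described in the reply above, as an added illustration on loopback (not BIND's code and not part of the original message): an unprivileged process sends a query from a kernel-chosen high UDP port, the reply comes back to that port, and the reply is accepted only if it comes from the queried server and echoes the query ID. The function names and the stand-in server are hypothetical.

```python
import os
import socket
import struct

def build_query(txid, name):
    """Minimal DNS query: 12-byte header plus one A/IN question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)

def accept_reply(reply, sender, txid, server_addr):
    """Accept only a response from the queried server that echoes our ID."""
    if sender != server_addr or len(reply) < 12:
        return False
    rid, flags = struct.unpack("!HH", reply[:4])
    return rid == txid and bool(flags & 0x8000)  # QR bit marks a response

def demo():
    # Stand-in for the remote server (a real one listens on UDP 53).
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind(("127.0.0.1", 0))
    server_addr = server.getsockname()
    # Outgoing-query socket: port 0 asks the kernel for an unprivileged high port.
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client.bind(("127.0.0.1", 0))
    for s in (server, client):
        s.settimeout(2)
    src_port = client.getsockname()[1]
    txid = int.from_bytes(os.urandom(2), "big")
    client.sendto(build_query(txid, "example.com"), server_addr)

    query, peer = server.recvfrom(512)
    response = bytearray(query)
    response[2] |= 0x80                   # set QR; a real server would add answers
    server.sendto(bytes(response), peer)  # goes back to the high port, not to 53

    reply, sender = client.recvfrom(512)
    ok = accept_reply(reply, sender, txid, server_addr)
    server.close()
    client.close()
    return {"src_port": src_port, "server_saw_port": peer[1], "accepted": ok,
            "reply": reply, "txid": txid, "server_addr": server_addr}

if __name__ == "__main__":
    r = demo()
    print("query left from UDP port", r["src_port"], "accepted:", r["accepted"])
```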



