DNS Ports
Jonathan de Boyne Pollard
J.deBoynePollard at tesco.net
Wed Jul 23 11:24:04 UTC 2003
DH> Thank you for your reply, but a simple statement
DH> that I have to "un-learn" this is not much informatin.
That's why I said to see the web page for details. It
describes, for each case, either the decision criterion
for having a DNS/TCP hole in one's firewall or the reason
that a DNS/TCP hole is always necessary.
DH> As to "see the web page for details" - what web page ?
The web page whose URL I gave you in line 3 of that very
message (and that you've even just included again in
your reply).
DH> As to being wrong, both "Linux Firewalls 2nd edition"
DH> and O'Reilly's "DNS and BIND" discuss this and both
DH> agree queries and responses are sent and received by
DH> UDP and TCP is used only is UDP size is exceeded.
Which is _not_ the same as:
DH> DNS uses UDP to send and get data.
More information about the bind-users
mailing list