Problem resolving name.

phn at phn at
Mon Dec 13 16:09:09 UTC 2004

Fabiano Silos Reis <fsilos at> wrote:
> Just especulating what is opened to the world from my machine.

As you aloready observed, it named that opened that port. And
it's supposed to be benign, only used for queries to 
other nameservers ( which will of course be answered to
that same port).

So you will have to accept UDP packets coming into that 
port from outside, but as they always are a result of
a previous query all state-aware firewall are aware of this.

If named had a vulnerability, which i am not aware about, it would
certenly be dangerous. Thats why we all runs late "production" versions
and keep an eye on mailinglists :-)

Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list