On Sun, Jan 13, 2002 at 08:52:36PM +0100, Peter Jnsson wrote:
Ok..
I pretty sure now that this is just snort reporting when the dns-server
sends back the data from the lookup. The dns-server just happens to send
it to some port that snort is looking for traffic on. But wont this make
it
On Sun, 13 Jan 2002, Peter Jnsson wrote:
[ Sorry that this message is marked as ISO-8859-8-i and not as ISO-8859-1]
Ok..
I pretty sure now that this is just snort reporting when the dns-server
sends back the data from the lookup. The dns-server just happens to send
it to some port that
Martin Berg [EMAIL PROTECTED] wrote:
And telia.com's solution with the DNS:es at private numbers is,
IMHO an exellent solution to ensure that only their customers is
able to use the service.
Similarly, my ISP seems to use 172.16-32.x.x semi-publicly, and my router
will route there:
#
Hi!
Im running snort om my firewall and it keeps catching connections from
one of my ISP's DNS servers. Im quite sure this traffic is legit but it
has been bugging me for while what it's there for. Since its coming from
port 53 Im guessing that it has something todo with DNS. My ISP assigns
a
On Sun, 13 Jan 2002, Peter [ISO-8859-1] Jnsson wrote:
Hi!
Im running snort om my firewall and it keeps catching connections from
one of my ISP's DNS servers. Im quite sure this traffic is legit but it
has been bugging me for while what it's there for. Since its coming from
port 53 Im
Ok..
I pretty sure now that this is just snort reporting when the dns-server
sends back the data from the lookup. The dns-server just happens to send
it to some port that snort is looking for traffic on. But wont this make
it very easy to hide your attempts to connect to a backdoor ( or
6 matches
Mail list logo
