Re: [freebsd] ipfilter port tcp=53 block logu

Fri, 31 Oct 2003 01:11:36 -0800 

Dedigim gibi zone transfer icin gerekli sadece. Blokladiginiz IP'lerle
zone transfer iliskiniz yoksa kesinlikle tcp/53' bloklamanizi tavsiye ederim.

On Fri, Oct 31, 2003 at 10:02:30AM +0200, Engin  O. wrote:
> murat bey ;
> 
> 53 tcp yi bloklamam bir sakinca dogurmaz degil mi?
> 
> 
> ----- Original Message -----
> From: "Murat Balaban" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, October 31, 2003 10:00 AM
> Subject: Re: [freebsd] ipfilter port tcp=53 block logu
> 
> 
> >
> > DNS query'ler udp/53 uzerinden, dns zone transferler de tcp/53 uzerinden
> gider.
> > Buna istisna, windows'un dns client'i oldugunu duymustum.
> >
> > Bu durumda ya windows makinalardan birisi dns query yapiyor, veya
> > zone transfer istegi yapilmis o makinadan. Zayif ta olsa her zaman mumkun
> olan
> > bir ihtimal de tabi ki virus port taramasi yapiyor :).
> >
> > On Fri, Oct 31, 2003 at 09:48:39AM +0200, Engin  O. wrote:
> > > merhaba
> > >
> > > ipfilterde 53 '? udp ye ac?p tcp 'ye kapam?st?m..
> > >
> > > loglarda
> > >
> > > Oct 30 23:24:45 engin ipmon[332]: 23:24:44.494441 xl0 @0:52 b
> 193.0.0.63,39270 -> 192.168.0.248,53 PR tcp len 20 60 -S IN
> > > Oct 30 23:24:57 engin ipmon[332]: 23:24:56.494222 xl0 @0:52 b
> 193.0.0.63,39270 -> 192.168.0.248,53 PR tcp len 20 60 -S IN
> > >
> > > bunu g?r?yorum yani 193.0.0.63 ?n benim 53 '?me tcp geli?ini
> engellemi?.. ne yap?lmak istenmi? acaba..?
> > >
> >
> > --
> > "When all else fails, read the instructions -- Murphy's Technology Laws"
> >
> > Murat Balaban
> > http://www.enderunix.org
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > Liste arsivi: http://lists.enderunix.org
> >
> >
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> Liste arsivi: http://lists.enderunix.org
> 

-- 
"When all else fails, read the instructions -- Murphy's Technology Laws"

Murat Balaban
http://www.enderunix.org

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Liste arsivi: http://lists.enderunix.org

Cevap