I had to turn that Smartdefense option off as well with W2K and W2K3 servers. It sounds like the "inspection" denies half of the DNS traffic out there.
Chris -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Nico De Ranter Sent: Tuesday, September 09, 2003 4:11 AM To: [EMAIL PROTECTED] Subject: [FW-1] Attack Info: Badly formed DNS Hi, I have a NG FP3 firewall protecting the connection to the Internet. It allows all outgoing traffic by default, however when my DNS servers (running bind 9) try to lookup an address on the Internet it gets blocked by the firewall with a message stating Attack Info: Badly formed DNS Any ideas why the firewall would block legitimate DNS traffic? Nico ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
