At 17:03:57.06 on 8-AUG-2006 in message
<[EMAIL PROTECTED]>, I wrote:
>[...]
> Despite the above rules, TCP port 53 SYN packets are apparently making
>it past the firewall, since I'm seeing RST (reset) packets being sent out in
>response.[...]
Apologies...I was misinterpreting things. The packets weren't aimed
at port 53 on our network--they were coming _from_ port 53 on the remote
system. The initial packet has not only SYN but ACK set. I'd guess this guy
in China's trying to get a rise out of systems here.
Sorry for the false alarm.
Regards,
Mike
--
Michael T. Davis (Mike) | Systems Specialist: CBE,MSE
E-mail: [EMAIL PROTECTED] | Departmental Networking/Computing
-or- [EMAIL PROTECTED] | The Ohio State University
http://www.ecr6.ohio-state.edu/~davism/ | 197 Watts, (614) 292-6928
