According to RFC 1035(?) the source port of a DNS query is 53 or >1023. Newer DNS servers have by default a source port >1023 but connections from port 53 are absolutely legal.
On Tuesday 29 July 2003 03:38, Glenn English wrote:
> My understanding is that UDP connects to port 53 should be allowed only
> from ports > 1023. When I set that, I get *many* denies coming from port
> 53 UDP to port 53.
>
> Is there a legit reason for that connection? My new firewall is
> scribbling all over my log :-)

--
Peter Bruderer mailto:[EMAIL PROTECTED]
Bruderer Research GmbH Tel ++41 52 620 26 53
IT Security Services Fax ++41 52 620 26 54
CH-8200 Schaffhausen http://www.bruderer-research.com
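
An added example, not part of the original thread: a tally of denied UDP packets to port 53 by source-port class, showing how many log entries are the port-53-to-port-53 traffic the reply describes as legal and which would still be denied if source port 53 were accepted. The log lines are constructed, and the netfilter-style `SPT=`/`DPT=` field layout is an assumption, since the thread does not name the firewall.

```python
import re
from collections import Counter

# Constructed sample deny-log lines (netfilter-style fields, assumed format).
SAMPLE_LOG = """\
Jul 29 03:01:10 fw kernel: DENY IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=UDP SPT=53 DPT=53
Jul 29 03:01:12 fw kernel: DENY IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=UDP SPT=53 DPT=53
Jul 29 03:01:13 fw kernel: DENY IN=eth0 OUT= SRC=192.0.2.44 DST=198.51.100.5 PROTO=UDP SPT=53 DPT=53
Jul 29 03:01:15 fw kernel: DENY IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 PROTO=UDP SPT=512 DPT=53
Jul 29 03:01:19 fw kernel: DENY IN=eth0 OUT= SRC=203.0.113.9 DST=198.51.100.5 PROTO=TCP SPT=53 DPT=25
"""

FIELD = re.compile(r"(\w+)=(\S*)")


def source_port_class(spt):
    """Classify a DNS query's source port as the reply does: 53 or >1023."""
    if spt == 53:
        return "port-53"
    if spt > 1023:
        return "ephemeral"
    return "other-privileged"


def allowed(spt, accept_port_53):
    """Strict policy: only >1023. Relaxed policy: also accept source port 53."""
    return spt > 1023 or (accept_port_53 and spt == 53)


def summarize(log_text):
    """Return (count per source-port class, port-53 peers, denies left if 53 is accepted)."""
    classes, peers, still_denied = Counter(), Counter(), 0
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        # Only UDP traffic to port 53 with a numeric source port is of interest.
        if f.get("PROTO") != "UDP" or f.get("DPT") != "53" or not f.get("SPT", "").isdigit():
            continue
        spt = int(f["SPT"])
        cls = source_port_class(spt)
        classes[cls] += 1
        if cls == "port-53":
            peers[f.get("SRC", "?")] += 1
        if not allowed(spt, accept_port_53=True):
            still_denied += 1
    return classes, peers, still_denied


if __name__ == "__main__":
    classes, peers, still_denied = summarize(SAMPLE_LOG)
    print(dict(classes), dict(peers), still_denied)
```
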
