[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] OT: dealing w/comcast

Subject: [ale] OT: dealing w/comcast
From: jimpop at yahoo.com (Jim Popovitch)
Date: Fri, 07 Oct 2005 23:05:24 -0400
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

Jerry Yu wrote:
> for the DNS quirks, I noticed that Comcast is querying my DNS server 
> with UDP packets (SPORT=53 DPORT=53). My iptables rules for inbound DNS 
> queries is to allow (SPORT=1024:) thus Comcast queries got logged and 
> rejected. What's the benefit to have SPORT at 53?

The benefit is that you won't get so many log errors. :-)   Are you sure 
it's UDP?  DNS zone transfers typically occur over TCP.

-Jim P.

References:
- [ale] OT: dealing w/comcast
  - From: jakes.dad at gmail.com (Sid Lane)
- [ale] OT: dealing w/comcast
  - From: jimpop at yahoo.com (Jim Popovitch)
- [ale] OT: dealing w/comcast
  - From: jjj863 at gmail.com (Jerry Yu)

Prev by Date: [ale] Laptop Security Trick
Next by Date: [ale] Emacs stinks, Vi is for wimps
Previous by thread: [ale] OT: dealing w/comcast
Next by thread: [ale] OT: dealing w/comcast
Index(es):
- Date
- Thread