Re: BIND and 32774 or 32775 UDP ports

From: Abel_Lopez@3com.com
Date: 10/10/01 

From: Abel_Lopez@3com.com
To: "Jas Amidzic" <jasmin.amidzic@abs.gov.au>
Message-ID: <88256AE1.006F4E20.00@hqoutbound.ops.3com.com>
Date: Wed, 10 Oct 2001 13:13:50 -0700
Subject: Re: BIND and 32774 or 32775 UDP ports

This appears to be normal behavior.
BIND uses UDP 53 for it's listening port, but the responses appear from an
incrementing high number UDP port.
For example, my DNS server is currently answering a query on UDP 45441, then
the next query is answered on port 45442.

TCP 53 is actually used for Zone transfers, whereas regular nslookup type
queries happen on UDP 53.
This is normal when the name daemon forks, it needs it's own unique port.

--Abe
3Com IT

"Jas Amidzic" <jasmin.amidzic@abs.gov.au> on 10/09/2001 04:22:54 PM

Sent by: "Jas Amidzic" <jasmin.amidzic@abs.gov.au>

To: focus-sun@securityfocus.com
cc: (Abel Lopez/HQ/3Com)
Subject: BIND and 32774 or 32775 UDP ports

BIND 9.1.3 besides listening to TCP port 53 also appear to be listening on UDP
ports 32774 and 32775. Quick nmap scan reviled this ports identifying them as
'sometimes-rpc12' and 'sometimes-rpc14'. However this ports apart to be
associated with BIND, once BIND is stooped 'netstat' does not list those ports
as being in the listening state. Pleas not that all RPC services on the box are
disabled.

I am not sure why this ports are being put in listening state by BIND. Any
ideas ...?

Thanks Jas

-----------------------------------------------
ABS Australian Business Number: 26 331 428 522 ABS Web Site:
www.abs.gov.au

Relevant Pages

  • RE: nc help needed.
    ... You can even get Netcat to listen on the NETBIOS ports that are probably ... user can run a program that will bind to the NETBIOS ports. ...
    (Security-Basics)
  • Re: Waiting for BIND security announcement
    ... BIND is more than just named. ... BIND is there in contrib coz lot of stuff depends on it and so its best left there. ... BIND is also there in ports coz the one there offers you a lot more build time options, is newer, gets updates faster, and is also easier to get up and running with out of the box. ...
    (freebsd-questions)
  • Re: [Fwd: cvs commit: ports/dns/bind9 Makefile distinfo ports/dns/bind94 Makefile distinfo ports/dns
    ... try to use UDP ports which are administratively blocked (e.g. ports ... That option *only* affects UDP queries, ... control for the UDP ports to be used. ... but it's the same for all 9.x versions of BIND. ...
    (FreeBSD-Security)
  • Re: How to get acces to tcp portnumbers below 1024?
    ... ability to bind to reserved ports. ... As far as being special for a reason, that reason went away the first time ... He can bind to the ports in question either by ... man 7 IP for which capability needs to be set. ...
    (alt.os.linux.suse)
  • Re: nss_ldap and openldap importing
    ... majority of machines would benefit from it. ... of having BIND in the base). ... I don't see why building it from ports is difficult.. ... for Genesis Software - http://www.gsoft.com.au ...
    (freebsd-current)