TCP/IP filtering issues...Please help!

From: Ben Croxton (Ben@AxxessTechnologies.com)
Date: 08/28/02


From: "Ben Croxton" <Ben@AxxessTechnologies.com>
To: <security-basics@securityfocus.com>
Date: Wed, 28 Aug 2002 11:24:44 -0400

I am in the process of completely locking down (as much as possible anyway
;o) my MS network...All Win2k. In applying TCP/IP filtering rules I ran into
a problem:
I set up rules to allow all necessary ports for both internet and intranet
traffic, and everything works fine with the exception of DNS. Even though I
opened port 53 TCP/UDP I am still unable to browse the web without going to
the specific IP address of a web server. I have not applied these rules to
all clients yet because of this problem, and am in a hurry to do so. I seem
to remember reading that even though DNS works on TCP/UDP 53, that responses
come in on a higher range of ports...not sure if this is correct but it is
all that I can think of. I am hoping someone out there knows the fix for
this, I have searched all over Google and can't seem to find an answer. If
this is a simple thing, please excuse my ignorance...TIA :o))

BC
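
Added example, not part of the original post: a small Python model of the behaviour the poster suspects, assuming the filter keeps no state and matches inbound datagrams only on their local destination port. The addresses, port numbers and rule set are constructed, and `stateless_filter` and `StatefulFilter` are hypothetical names.

```python
from collections import namedtuple

# direction is relative to the filtered host: "out" = sent, "in" = received
Packet = namedtuple("Packet", "direction proto src_ip src_port dst_ip dst_port")

PERMITTED_LOCAL_PORTS = {("udp", 53), ("tcp", 53), ("tcp", 80)}  # constructed rule set


def stateless_filter(pkt, permitted=PERMITTED_LOCAL_PORTS):
    """Assumed model: outbound is never checked; inbound passes only
    when its local (destination) port is on the permit list."""
    if pkt.direction == "out":
        return True
    return (pkt.proto, pkt.dst_port) in permitted


class StatefulFilter:
    """Same permit list, but replies to flows the host opened are allowed."""

    def __init__(self, permitted=PERMITTED_LOCAL_PORTS):
        self.permitted = permitted
        self.flows = set()

    def check(self, pkt):
        if pkt.direction == "out":
            # Remember the flow so the mirrored reply can be matched later.
            self.flows.add((pkt.proto, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return True
        if (pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.flows:
            return True
        return (pkt.proto, pkt.dst_port) in self.permitted


# Constructed DNS lookup: the client queries from an ephemeral port (1047),
# so the resolver's answer is addressed to 1047, not to local port 53.
QUERY = Packet("out", "udp", "192.0.2.10", 1047, "192.0.2.53", 53)
REPLY = Packet("in", "udp", "192.0.2.53", 53, "192.0.2.10", 1047)
UNSOLICITED = Packet("in", "udp", "198.51.100.7", 53, "192.0.2.10", 1048)


def run_exchange():
    """Return the verdict of each filter for the reply and a stray datagram."""
    stateful = StatefulFilter()
    stateful.check(QUERY)
    return {
        "stateless_reply": stateless_filter(REPLY),
        "stateful_reply": stateful.check(REPLY),
        "stateful_unsolicited": stateful.check(UNSOLICITED),
    }
```

Under this model the port-list filter drops the resolver's answer even though UDP 53 is permitted, while a filter that tracks outbound flows accepts it without opening the ephemeral port range to unsolicited traffic.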


