Re: 53 udp/tcp
From: David (davidwnh@adelphia.net)
Date: 11/30/02
- Next message: David: "Re: help! i'm blocked from kazaa!!"
- Previous message: Ric Griffy: "Re: Suggestions for the best firewall appliances for a small business network please? (<50 users)"
- In reply to:(deleted message) Juergen Nieveler: "Re: 53 udp/tcp"
- Next in thread: Ric Griffy: "Re: 53 udp/tcp"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "David" <davidwnh@adelphia.net> Date: Sat, 30 Nov 2002 04:35:21 GMT
If a DNS server only needs outbound access, how does it get responses for
your queries?
Sure you don't have to have it "listening" on the internet, but you still
have responses coming back. So now you have an additional server running in
which you have to be sure to configure correctly and keep up to date as the
vulnerabilities are exposed and/or fixed.
And if your wondering about the "actual" risks visit a site like CERT or
ISS. You won't be vulnerable to as many without "listening" on the internet,
however you will be vulnerable to more risks than you would without it.
>
> I'd say the risk of running an internal DNS server is minimal - it
> doesn't have to be accessible from the outside, it only needs
> outbound access, and only to the DNS servers of your ISP.
>
- Next message: David: "Re: help! i'm blocked from kazaa!!"
- Previous message: Ric Griffy: "Re: Suggestions for the best firewall appliances for a small business network please? (<50 users)"
- In reply to:(deleted message) Juergen Nieveler: "Re: 53 udp/tcp"
- Next in thread: Ric Griffy: "Re: 53 udp/tcp"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
