Re: TCP on remote port 53??
From: Karl Levinson [x y] MVP (levinson_k@excite.com)
Date: 10/21/02
- Next message: Karl Levinson [x y] MVP: "Re: Reset Local Admin Password"
- Previous message: Karl Levinson [x y] MVP: "Re: required ports W2k Server"
- In reply to: WRCsam: "TCP on remote port 53??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Karl Levinson [x y] MVP" <levinson_k@excite.com> Date: Mon, 21 Oct 2002 09:27:46 -0400
"WRCsam" <UUsam@WTFhotmail.com.uu.WTF> wrote in message
news:eaJAgOIeCHA.2588@tkmsftngp12...
> My firewall logs this pretty often
>
> Device 1, Blocked outgoing TCP packet (no matching rule), src='my ip
here',
> dst=153.39.194.10, sport=1278, dport=53
>
> If it wasn't TCP protocol, then it would be DNS connection attempt.
>
> Do you have the same problem, which app is doing the connecting?
>
> How can I find out which app is opening this connection?
As mentioned in the other post, DNS might also require you to open up TCP 53
as well as UDP 53. I understand that DNS requests that do not fit in one
UDP packet are resent as TCP 53.
Firewalls such as Sygate will log which app is doing the requesting on
outbound transmissions and some inbound ones. Zone Alarm might also do
this, not sure. Both have versions that are free for non-commercial users.
- Next message: Karl Levinson [x y] MVP: "Re: Reset Local Admin Password"
- Previous message: Karl Levinson [x y] MVP: "Re: required ports W2k Server"
- In reply to: WRCsam: "TCP on remote port 53??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
