List: gauntlet-user
Subject: RE: Split dns, security alert
From: "Horner, Robert" <Horner.Robert () tci ! com>
Date: 1997-11-12 14:24:59
That looks like a traceroute session from your internal DNS box. Also,
are you running bind 8.1.1? You need to force it to use port 53 for its
queries.

In named.conf:

    options {
        .
        .
        .
        query-source address * port 53;
    };

This may not fix your problem, but it caused us grief until we changed
it.
Robert
> -----Original Message-----
> From: Roger Boussen [SMTP:RBoussen@Audax.nl]
> Sent: Wednesday, November 12, 1997 3:29 AM
> To: Horner, Robert
> Subject: Split dns, security alert
>
> I have configured split DNS as follows:
>
> - firewall primary dns-server
> - dns ip address internal dns-server
> - resolv.conf
> domain .....
> nameserver internal dns-server
> nameserver external dns-server
>
> Internal dns-server
> - named.boot
> .....
> forwarders ip-address-firewall ip-address-firewall
> slave
> - resolv.conf
> domain ....
> nameserver internal dns-server
>
> nslookup on the firewall finds only internal addresses
> nslookup on the internal server finds only internal addresses
>
> messages in system.log firewall
> Nov 11 21:33:23 fwin kernel: securityalert: udp from
> ip-internal-dns:45732 to ip-firewall on unserved port 33435
>
> Nov 11 21:33:23 fwin kernel: securityalert: udp from
> ip-internal-dns:45732 to ip-firewall on unserved port 33436
>
> Nov 11 21:33:23 fwin kernel: securityalert: udp from
> ip-internal-dns:45732 to ip-firewall on unserved port 33437
>
> Can anyone tell me what is going wrong? The internal dns-server is a
> trusted host on our 3.2 Gauntlet-firewall; it's running
> on BSD/I and has two NICs.
>
> Yours sincerely,
>
> R. Boussen
> Audax A&I B.V.
> the Netherlands
>
> business address:
> email: rboussen@audax.nl
> tel. : +31 161 457847
> fax. : +31 161 457777
>
> private address:
> rboussen@worldonline.nl