Thank you very much Brandon

Regards
Anantha Subramanian Natarajan

On Sun, Apr 4, 2010 at 5:57 PM, Brandon Carroll <[email protected]> wrote:

> So this comes from the first hit on a google search. I only mention that
> because the information comes from another vendor who shall remain nameless
> (grin).
>
> Domain Name System (DNS) is a protocol that provides mapping service
> between domain names and IP addresses. A client sends a DNS query in the
> form of a domain name, and a DNS server answers with the IP address
> associated with that domain name. DNS typically uses UDP port 53. A DNS
> message is normally contained within a single UDP packet. DNS uses
> compression to eliminate the repetition of domain names in a message. The
> compression schema uses a pointer to refer to a prior name string when the
> string repeats later in a DNS message. A DNS message containing a pointer
> that points to itself, or pointers that point to each other, results in a
> pointer loop. Pointer loops are protocol anomalies that should be detected.
> This is because some DNS handlers could fail to handle such packets,
> resulting in denial of service conditions. A packet containing this type of
> protocol anomaly could also indicate that non-DNS traffic is being
> transmitted over DNS ports. For example, illegal peer-to-peer downloading,
> Trojan activity, odd chat programs, etc.
>
> Regards,
>
> Brandon Carroll - CCIE #23837
> Senior Technical Instructor - IPexpert
> Mailto: [email protected]
> Telephone: +1.810.326.1444
> Live Assistance, Please visit: www.ipexpert.com/chat
> eFax: +1.810.454.0130
>
> IPexpert is a premier provider of Self-Study Workbooks, Video on Demand,
> Audio Tools, Online Hardware Rental and Classroom Training for the Cisco
> CCIE (R&S, Voice, Security & Service Provider) certification(s) with
> training locations throughout the United States, Europe, South Asia and
> Australia. Be sure to visit our online communities at
> www.ipexpert.com/communities and our public website at www.ipexpert.com
>
> On Apr 4, 2010, at 3:42 PM, Anantha Subramanian Natarajan wrote:
>
> Hi All,
>
> My understanding is that when Cisco ASA does DNS inspection by default, it
> also verifies whether a compression pointer loop exists. I sort of understand that, if
> a compression pointer loop exists, it would cause infinite lookup of the DNS
> server. My question is, what is meant by compression pointer loop?
>
> Thanks for great help
>
> Regards
> Anantha Subramanian Natarajan
>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please
> visit www.ipexpert.com
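The pointer loop described in the quoted explanation, shown as a name decoder that rejects it. This is an added example, not part of the original thread and not code from Cisco or any other vendor; `read_name`, `PointerLoop` and the sample messages are constructed for illustration.

```python
"""DNS name decompression with pointer-loop detection (constructed example)."""

MAX_NAME_LEN = 255  # RFC 1035 limit on an encoded domain name


class PointerLoop(ValueError):
    """A compression pointer was followed twice, so the name never ends."""


def read_name(msg: bytes, offset: int) -> str:
    """Decode the name starting at `offset`, following compression pointers."""
    labels, followed, total = [], set(), 0
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # top two bits set: 14-bit pointer
            if offset + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if offset in followed:  # same pointer reached again: a loop
                raise PointerLoop(f"pointer at offset {offset} revisited")
            followed.add(offset)
            offset = ((length & 0x3F) << 8) | msg[offset + 1]
            continue
        if length & 0xC0:
            raise ValueError("reserved label type")
        if length == 0:  # root label terminates the name
            return ".".join(labels) or "."
        end = offset + 1 + length
        total += length + 1
        if end > len(msg) or total > MAX_NAME_LEN:
            raise ValueError("label overruns message or name too long")
        labels.append(msg[offset + 1:end].decode("ascii", "replace"))
        offset = end


# Constructed sample messages: a zeroed 12-byte header followed by name data.
HEADER = bytes(12)
GOOD = HEADER + b"\x03www\x07example\x03com\x00" + b"\x04mail\xc0\x10" + b"\xc0\x0c"
SELF_LOOP = HEADER + b"\xc0\x0c"            # pointer at 12 points to 12
MUTUAL_LOOP = HEADER + b"\xc0\x0e\xc0\x0c"  # 12 -> 14 and 14 -> 12

if __name__ == "__main__":
    print(read_name(GOOD, 29), read_name(GOOD, 36))
    for name, msg in (("self", SELF_LOOP), ("mutual", MUTUAL_LOOP)):
        try:
            read_name(msg, 12)
        except PointerLoop as exc:
            print(name, "loop rejected:", exc)
```

A decoder without the `followed` set would spin forever on either loop message, which is the denial of service condition the quoted text refers to.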
