On Tue, 3 Sep 2002, Gene Huske wrote:
> Below are three examples of packets that are being sent to the GB-1000.
> I have no idea why we're getting them. In every case, the source port
> is 53 and the destination port is 1585. Doing a reverse IP address
> lookup reveals these messages are coming from root servers. And we get
> a lot of these messages.
Its a result of the remote DNS servers taking so long to reply that the
return path has been forgotten. I've got a remote access filter that looks
like:
25 #Block/nolog stale DNS.
Deny warning ANY UDP nolog
from ANY_IP 53
to ANY_IP 1024:65535
Joe Matuscak
Rohrer Corporation
717 Seville Road
Wadsworth, Ohio 44281
(330)335-1541
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
To subscribe to the digest version first unsubscribe, then
e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archive of the last 1000 messages:
http://www.mail-archive.com/[email protected]
