This DNS check says:

"A DNS server is running on this port but it only answers to UDP requests. This means that TCP requests are blocked by a firewall.
This configuration is incorrect: TCP might be used by any request, it is not restricted to zone transfers. Read RFC1035 or STD0013 for more information."

We run tinydns and ensure our DNS records are always small enough to fit within a single UDP packet - so we deliberately disabled DNS TCP.

I think this wording should be changed to "This configuration might be incorrect, depending on the type of DNS data the server returns..."

--
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
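The "small enough to fit within a single UDP packet" condition from the message above can be checked from captured UDP replies. The following is an added example, not part of the original post and not code from Nessus or tinydns; it assumes the classic 512-byte UDP limit of RFC 1035 without EDNS0, and the function names and sample messages are hypothetical and constructed.

```python
import struct

MAX_UDP_DNS = 512  # RFC 1035 limit for a DNS message carried over UDP (no EDNS0 assumed)
TC_FLAG = 0x0200   # "truncated" bit in the 16-bit header flags field


def needs_tcp(response: bytes) -> dict:
    """Classify one raw DNS response as captured from a UDP reply."""
    if len(response) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    msg_id, flags, _qd, an, _ns, _ar = struct.unpack("!6H", response[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    truncated = bool(flags & TC_FLAG)
    oversize = len(response) > MAX_UDP_DNS
    return {
        "id": msg_id,
        "size": len(response),
        "answers": an,
        "truncated": truncated,
        "oversize": oversize,
        # A resolver retries over TCP when TC is set; an oversize message
        # cannot be carried in a plain UDP reply at all.
        "tcp_required": truncated or oversize,
    }


def build_response(msg_id, answers, body_len, truncated=False):
    """Constructed sample: a valid header followed by filler bytes as the body."""
    flags = 0x8400 | (TC_FLAG if truncated else 0)  # QR=1, AA=1
    return struct.pack("!6H", msg_id, flags, 1, answers, 0, 0) + b"\x00" * body_len


def audit(responses):
    """Return the ids of responses that a UDP-only server cannot deliver in full."""
    return [r["id"] for r in map(needs_tcp, responses) if r["tcp_required"]]


# Constructed samples, not captured traffic.
SAMPLES = [
    build_response(1, 1, 48),                   # small single-record answer
    build_response(2, 12, 500),                 # exactly 512 bytes: still fits
    build_response(3, 8, 300, truncated=True),  # server cut the answer short
    build_response(4, 30, 900),                 # larger than the UDP limit
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(needs_tcp(raw))
    print("TCP needed for ids:", audit(SAMPLES))
```

An empty result from `audit` over replies for every record in the zone is the condition under which disabling TCP loses no answers.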
