The wording is correct. Disabling TCP breaks it per RFC. The server might always respond with UDP, but how does a UDP packet arrive as an answer to a TCP request? I would not think to tell you how to set up your DNS servers, but network diagnostic messages should be written to comply with the RFCs.
Karl

On Wed, 2006-08-23 at 11:04 +1200, Jason Haar wrote:
> This DNS check says:
>
> "A DNS server is running on this port but
> it only answers to UDP requests.
> This means that TCP requests are blocked by a firewall.
>
> This configuration is incorrect: TCP might be used by any
> request, it is not restricted to zone transfers.
> Read RFC1035 or STD0013 for more information."
>
>
> We run tinydns and ensure our DNS records are always small enough to fit
> within a single UDP packet - so we deliberately disabled DNS TCP.
>
> I think this wording should be changed to " This configuration might be
> incorrect, depending on the type of DNS data the server returns..."
>
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
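
The mechanics behind this exchange, as an added example that is not part of either email: RFC 1035 limits a UDP message to 512 bytes, a server sets the TC flag when an answer does not fit, and the client then repeats the query over TCP with a two-byte length prefix. The function names are illustrative and the sample responses are constructed, not captured traffic.

```python
import struct

UDP_LIMIT = 512  # RFC 1035 section 4.2.1: largest DNS message over UDP (without EDNS0)

def build_query(name, qtype=1, txid=0x1234):
    """Encode a minimal RFC 1035 query: RD set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def fits_in_udp(msg):
    """True when a message is small enough to be sent whole over UDP."""
    return len(msg) <= UDP_LIMIT

def tcp_frame(msg):
    """RFC 1035 section 4.2.2: over TCP each message has a two-byte length prefix."""
    return struct.pack("!H", len(msg)) + msg

def tcp_unframe(stream):
    """Return (message, rest) from a TCP byte stream, or (None, stream) if incomplete."""
    if len(stream) < 2:
        return None, stream
    (n,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + n:
        return None, stream
    return stream[2:2 + n], stream[2 + n:]

def needs_tcp_retry(udp_response, txid):
    """True when the UDP answer has TC set, so the client should retry over TCP."""
    if len(udp_response) < 12:
        raise ValueError("short DNS header")
    rid, flags = struct.unpack("!HH", udp_response[:4])
    if rid != txid:
        raise ValueError("transaction ID mismatch")
    if not flags & 0x8000:
        raise ValueError("not a response (QR clear)")
    return bool(flags & 0x0200)  # TC bit

# Constructed samples: the query echoed back with response flags, no answer records.
QUERY = build_query("example.com")
SMALL = struct.pack("!HH", 0x1234, 0x8180) + QUERY[4:]      # QR, RD, RA
TRUNCATED = struct.pack("!HH", 0x1234, 0x8380) + QUERY[4:]  # QR, TC, RD, RA
```
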
