I asked the other day whether udp 53 -> 53 was kosher, and basically it's not but apparently some lazy sysadmins try to save on ports.
Now I am seeing this from ozemail:: Oct 10 10:44:59 gw kernel: FIREWALL FWD pkt dropped:IN=ppp1 OUT=eth2 SRC=203.2.192.108 DST=192.168.254.17 LEN=73 TOS=0x00 PREC=0x00 TTL=240 ID=28977 DF PROTO=UDP SPT=24 DPT=53 LEN=53 # dig -x 203.2.192.108 ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30742 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;108.192.2.203.in-addr.arpa. IN PTR ;; ANSWER SECTION: 108.192.2.203.in-addr.arpa. 39638 IN PTR s0.syd.ops.au.ozemail.net. ;; AUTHORITY SECTION: 192.2.203.in-addr.arpa. 81871 IN NS oznet.ozemail.com.au. 192.2.203.in-addr.arpa. 81871 IN NS oznet02.ozemail.com.au. ;; Query time: 111 msec ;; SERVER: 139.130.4.4#53(139.130.4.4) ;; WHEN: Thu Oct 10 10:51:58 2002 ;; MSG SIZE rcvd: 139 According to RFC1700: 24/tcp any private mail system 24/udp any private mail system # Rick Adam <[EMAIL PROTECTED]> It's interesting that the person who applied for this assignment is from uu.net, or am I being too paranoid? -- Howard. LANNet Computing Associates - Your Linux people Contact detail at http://www.lannetlinux.com "Flatter government, not fatter government." - me Get rid of the Australian states. ------------------------------------------ If electricity comes from electrons, does morality come from morons? -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
