On Thu, Jan 03, 2002 at 04:17:02PM -0800, Shwaine wrote:
> There is no need for UDP 22 and 80 to do normal web browsing and
> SSH sessions. The only UDP packets I allow on the input side of the
> firewall are UDP port 53 from only my ISP's DNS servers, since these
> are the replies to my DNS queries. I've read in a few documents that
> DNS may also sometimes use TCP port 53. I haven't seen that happen
> in any of my logs however. Anyways, you should be fine blocking those
> two UDP ports. My web browsing and SSH use go just fine with them
> blocked.

Generally DNS only uses 53/tcp when running a zone transfer.

-- 
Henry House
The attached file is a digital signature. See <http://romana.hajhouse.org/pgp>
for information. My OpenPGP key: <http://romana.hajhouse.org/hajhouse.asc>.
