On Thu, Jul 05, 2001 at 11:48:17AM -0700, Doug Barbieri wrote:
> Thanks Henry for getting back to me. I implemented a change similar to
> yours, but I still notice that if I try to access the domain in question
> (www.jeffmcnurlin.com) from inside my work's firewall, those UDP requests
> are DENYed, because for some reason my site is being contacted via ports
> numbered *below* 1024. It seems that those are the only DENYed packets
> that I notice in my messages log for port 53.
I'm confused here. Are you running your own DNS server? Remote hosts should
trying to nslookup your name will contact your nameserver, not the box
running the web browser.
> My question is this: is this just a broken NT nslookup thing, or should I
> expect other sites to attempt to connect to me from ports > 1024 to my
> port 53?
Unless you are running a server there is no need for machines other that your
local DNS servers to contact you on any port. Nameserver replies should
arrive on unprivaledged ports. (Can anyone confirm this? My knowledge is
shaky here.)
> BTW: Could anyone else please see if you can do an nslookup on
> www.jeffmcnurlin.com? I just want to know that it can be resolved from as
> many other sites as possible. This domain belongs to my brother-in-law and
> he has his resume and portfolio posted, so I want to make sure that
> recruiters can access his site.
I have done so, and got:
Server: 198.93.80.101
Address: 198.93.80.101#53
Non-authoritative answer:
www.jeffmcnurlin.com canonical name = solo.trug.com.
solo.trug.com canonical name = trug.com.
Name: trug.com
Address: 216.102.106.223
--
Henry House
OpenPGP key available from http://romana.hajhouse.org/hajhouse.asc
PGP signature
