[Dshield] UDP packets dropped from DNS server

Gary Garrison garyg at fbtc.net
Sat Oct 27 17:51:21 GMT 2001

Of course, assuming Jeff's wkstn is resolving (most of the time),
it could be the ISP's DNS is a bit lethargic, allowing his f/w to timeout.


-----Original Message-----
From: dshield-admin at dshield.org [mailto:dshield-admin at dshield.org]On
Behalf Of John Groseclose
Sent: Saturday, October 27, 2001 9:36 AM
To: dshield at dshield.org
Subject: Re: [Dshield] UDP packets dropped from DNS server

At 9:37 AM -0400 10/27/01, Jeffrey Pike wrote:
>I'm relatively new to these issues, so forgive me if my
>questions have obvious answers. I have many lines like
>this in my firewall logs:
>10/23/2001 17:23:21.352 - UDP packet dropped -
>Source:, 53, WAN -
>Destination:, 9318, LAN -
>  	 - 	Rule 0
>The source address is my ISP's DNS server. The destination
>address is the firewall. Anything to worry about? What is

Port 53 is the DNS server.

In most parts of the world, it's considered moderately rude to ask a
question, then ignore the answer - which is what you're doing to that
poor DNS server. You're sending queries, then blocking the answers.
John Groseclose
iain at caradoc.org

Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list